/**
 *
 */
import Util;
import OpenApi;
import OpenApiUtil;
import EndpointUtil;

extends OpenApi;


init(config: OpenApi.Config){
  super(config);
  @endpointRule = 'central';
  
  checkConfig(config);
  @endpoint = getEndpoint('ram', @regionId, @endpointRule, @network, @suffix, @endpointMap, @endpoint);
}

function getEndpoint(productId: string, regionId: string, endpointRule: string, network: string, suffix: string, endpointMap: map[string]string, endpoint: string) throws: string{
  if (!Util.empty(endpoint)) {
    return endpoint;
  }
  
  if (!Util.isUnset(endpointMap) && !Util.empty(endpointMap[regionId])) {
    return endpointMap[regionId];
  }
  return EndpointUtil.getEndpointRules(productId, regionId, endpointRule, network, suffix);
}

model AddUserToGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model AddUserToGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='1B968853-B423-63A6-FE1F-45E81BC2AD61'),
}

model AddUserToGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddUserToGroupResponseBody(name='body'),
}

/**
 * @summary Adds a RAM user to a RAM user group.
 *
 * @param request AddUserToGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddUserToGroupResponse
 */
async function addUserToGroupWithOptions(request: AddUserToGroupRequest, runtime: Util.RuntimeOptions): AddUserToGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddUserToGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Adds a RAM user to a RAM user group.
 *
 * @param request AddUserToGroupRequest
 * @return AddUserToGroupResponse
 */
async function addUserToGroup(request: AddUserToGroupRequest): AddUserToGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return addUserToGroupWithOptions(request, runtime);
}

model AttachPolicyToGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='dev'),
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
}

model AttachPolicyToGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model AttachPolicyToGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachPolicyToGroupResponseBody(name='body'),
}

/**
 * @summary Attaches a policy to a RAM user group.
 *
 * @param request AttachPolicyToGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachPolicyToGroupResponse
 */
async function attachPolicyToGroupWithOptions(request: AttachPolicyToGroupRequest, runtime: Util.RuntimeOptions): AttachPolicyToGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachPolicyToGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Attaches a policy to a RAM user group.
 *
 * @param request AttachPolicyToGroupRequest
 * @return AttachPolicyToGroupResponse
 */
async function attachPolicyToGroup(request: AttachPolicyToGroupRequest): AttachPolicyToGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachPolicyToGroupWithOptions(request, runtime);
}

model AttachPolicyToRoleRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
  roleName?: string(name='RoleName', description='The name of the RAM role.', example='OSSAdminRole'),
}

model AttachPolicyToRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model AttachPolicyToRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachPolicyToRoleResponseBody(name='body'),
}

/**
 * @summary Attaches a policy to a RAM role.
 *
 * @param request AttachPolicyToRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachPolicyToRoleResponse
 */
async function attachPolicyToRoleWithOptions(request: AttachPolicyToRoleRequest, runtime: Util.RuntimeOptions): AttachPolicyToRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachPolicyToRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Attaches a policy to a RAM role.
 *
 * @param request AttachPolicyToRoleRequest
 * @return AttachPolicyToRoleResponse
 */
async function attachPolicyToRole(request: AttachPolicyToRoleRequest): AttachPolicyToRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachPolicyToRoleWithOptions(request, runtime);
}

model AttachPolicyToUserRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model AttachPolicyToUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model AttachPolicyToUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachPolicyToUserResponseBody(name='body'),
}

/**
 * @summary Attaches a policy to a RAM user.
 *
 * @param request AttachPolicyToUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachPolicyToUserResponse
 */
async function attachPolicyToUserWithOptions(request: AttachPolicyToUserRequest, runtime: Util.RuntimeOptions): AttachPolicyToUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachPolicyToUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Attaches a policy to a RAM user.
 *
 * @param request AttachPolicyToUserRequest
 * @return AttachPolicyToUserResponse
 */
async function attachPolicyToUser(request: AttachPolicyToUserRequest): AttachPolicyToUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachPolicyToUserWithOptions(request, runtime);
}

model BindMFADeviceRequest {
  authenticationCode1?: string(name='AuthenticationCode1', description='The first authentication code.', example='11****'),
  authenticationCode2?: string(name='AuthenticationCode2', description='The second authentication code.', example='33****'),
  serialNumber?: string(name='SerialNumber', description='The serial number of the MFA device.', example='acs:ram::123456789012****:mfa/device002'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model BindMFADeviceResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model BindMFADeviceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: BindMFADeviceResponseBody(name='body'),
}

/**
 * @param request BindMFADeviceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return BindMFADeviceResponse
 */
async function bindMFADeviceWithOptions(request: BindMFADeviceRequest, runtime: Util.RuntimeOptions): BindMFADeviceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.authenticationCode1)) {
    query['AuthenticationCode1'] = request.authenticationCode1;
  }
  if (!Util.isUnset(request.authenticationCode2)) {
    query['AuthenticationCode2'] = request.authenticationCode2;
  }
  if (!Util.isUnset(request.serialNumber)) {
    query['SerialNumber'] = request.serialNumber;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'BindMFADevice',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request BindMFADeviceRequest
 * @return BindMFADeviceResponse
 */
async function bindMFADevice(request: BindMFADeviceRequest): BindMFADeviceResponse {
  var runtime = new Util.RuntimeOptions{};
  return bindMFADeviceWithOptions(request, runtime);
}

model ChangePasswordRequest {
  newPassword?: string(name='NewPassword', description='The new password that is used to log on to the Alibaba Cloud Management Console.

The password must meet the complexity requirements. For more information, see [SetPasswordPolicy](https://help.aliyun.com/document_detail/28739.html).', example='aw$2****'),
  oldPassword?: string(name='OldPassword', description='The old password that is used to log on to the Alibaba Cloud Management Console.', example='12****'),
}

model ChangePasswordResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model ChangePasswordResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ChangePasswordResponseBody(name='body'),
}

/**
 * @description >  This operation is available only for RAM users. Before you call this operation, make sure that `AllowUserToChangePassword` in [SetSecurityPreference](https://help.aliyun.com/document_detail/43765.html) is set to `True`. The value True indicates that RAM users can change their passwords.
 *
 * @param request ChangePasswordRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ChangePasswordResponse
 */
async function changePasswordWithOptions(request: ChangePasswordRequest, runtime: Util.RuntimeOptions): ChangePasswordResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newPassword)) {
    query['NewPassword'] = request.newPassword;
  }
  if (!Util.isUnset(request.oldPassword)) {
    query['OldPassword'] = request.oldPassword;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ChangePassword',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @description >  This operation is available only for RAM users. Before you call this operation, make sure that `AllowUserToChangePassword` in [SetSecurityPreference](https://help.aliyun.com/document_detail/43765.html) is set to `True`. The value True indicates that RAM users can change their passwords.
 *
 * @param request ChangePasswordRequest
 * @return ChangePasswordResponse
 */
async function changePassword(request: ChangePasswordRequest): ChangePasswordResponse {
  var runtime = new Util.RuntimeOptions{};
  return changePasswordWithOptions(request, runtime);
}

model ClearAccountAliasResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model ClearAccountAliasResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ClearAccountAliasResponseBody(name='body'),
}

/**
 * @param request ClearAccountAliasRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ClearAccountAliasResponse
 */
async function clearAccountAliasWithOptions(runtime: Util.RuntimeOptions): ClearAccountAliasResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'ClearAccountAlias',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @return ClearAccountAliasResponse
 */
async function clearAccountAlias(): ClearAccountAliasResponse {
  var runtime = new Util.RuntimeOptions{};
  return clearAccountAliasWithOptions(runtime);
}

model CreateAccessKeyRequest {
  userName?: string(name='UserName', description='The name of the RAM user. If a RAM user calls this operation and does not specify this parameter, an AccessKey pair is created for the RAM user.', example='zhangq****'),
}

model CreateAccessKeyResponseBody = {
  accessKey?: {
    accessKeyId?: string(name='AccessKeyId', description='The AccessKey ID.', example='0wNEpMMlzy7s****'),
    accessKeySecret?: string(name='AccessKeySecret', description='The AccessKey secret.', example='PupkTg8jdmau1cXxYacgE736PJ****'),
    createDate?: string(name='CreateDate', description='The time when the AccessKey pair was created.', example='2015-01-23T12:33:18Z'),
    status?: string(name='Status', description='The status of the AccessKey pair. Valid values: Active and Inactive.', example='Active'),
  }(name='AccessKey', description='The information of the AccessKey pair.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model CreateAccessKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateAccessKeyResponseBody(name='body'),
}

/**
 * @param request CreateAccessKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateAccessKeyResponse
 */
async function createAccessKeyWithOptions(request: CreateAccessKeyRequest, runtime: Util.RuntimeOptions): CreateAccessKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateAccessKey',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request CreateAccessKeyRequest
 * @return CreateAccessKeyResponse
 */
async function createAccessKey(request: CreateAccessKeyRequest): CreateAccessKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createAccessKeyWithOptions(request, runtime);
}

model CreateGroupRequest {
  comments?: string(name='Comments', description='The description.

The value can be up to 128 characters in length.', example='Dev-Team'),
  groupName?: string(name='GroupName', description='The name of the user group.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='Dev-Team'),
}

model CreateGroupResponseBody = {
  group?: {
    comments?: string(name='Comments', description='The description.', example='Dev-Team'),
    createDate?: string(name='CreateDate', description='The creation time.', example='2015-01-23T12:33:18Z'),
    groupId?: string(name='GroupId', description='The ID of the user group.', example='g-FpMEHiMysofp****'),
    groupName?: string(name='GroupName', description='The name of the user group.', example='Dev-Team'),
  }(name='Group', description='The information about the group.'),
  requestId?: string(name='RequestId', description='The request ID.', example='D3F0679E-9757-95DB-AF2D-04D5188C69C5'),
}

model CreateGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateGroupResponseBody(name='body'),
}

/**
 * @summary Creates a RAM user group.
 *
 * @param request CreateGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateGroupResponse
 */
async function createGroupWithOptions(request: CreateGroupRequest, runtime: Util.RuntimeOptions): CreateGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comments)) {
    query['Comments'] = request.comments;
  }
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a RAM user group.
 *
 * @param request CreateGroupRequest
 * @return CreateGroupResponse
 */
async function createGroup(request: CreateGroupRequest): CreateGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return createGroupWithOptions(request, runtime);
}

model CreateLoginProfileRequest {
  MFABindRequired?: boolean(name='MFABindRequired', description='Specifies whether an MFA device must be attached to the RAM user upon logon. Default value: `false`.', example='false'),
  password?: string(name='Password', description='The logon password of the RAM user. The password must meet the password strength requirements. For more information, see [GetPasswordPolicy](https://help.aliyun.com/document_detail/2337691.html).', example='mypassword'),
  passwordResetRequired?: boolean(name='PasswordResetRequired', description='Specifies whether the RAM user must change the password upon logon. Default value: `false`.', example='false'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model CreateLoginProfileResponseBody = {
  loginProfile?: {
    createDate?: string(name='CreateDate', description='The time when the logon configurations were created.', example='2015-01-23T12:33:18Z'),
    MFABindRequired?: boolean(name='MFABindRequired', description='Indicates whether an MFA device must be attached to the RAM user upon logon.', example='false'),
    passwordResetRequired?: boolean(name='PasswordResetRequired', description='Indicates whether the RAM user must change the password upon logon.', example='false'),
    userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
  }(name='LoginProfile', description='The logon configurations of the RAM user.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model CreateLoginProfileResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateLoginProfileResponseBody(name='body'),
}

/**
 * @summary Enables console logon for a RAM user.
 *
 * @param request CreateLoginProfileRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateLoginProfileResponse
 */
async function createLoginProfileWithOptions(request: CreateLoginProfileRequest, runtime: Util.RuntimeOptions): CreateLoginProfileResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.MFABindRequired)) {
    query['MFABindRequired'] = request.MFABindRequired;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.passwordResetRequired)) {
    query['PasswordResetRequired'] = request.passwordResetRequired;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateLoginProfile',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables console logon for a RAM user.
 *
 * @param request CreateLoginProfileRequest
 * @return CreateLoginProfileResponse
 */
async function createLoginProfile(request: CreateLoginProfileRequest): CreateLoginProfileResponse {
  var runtime = new Util.RuntimeOptions{};
  return createLoginProfileWithOptions(request, runtime);
}

model CreatePolicyRequest {
  description?: string(name='Description', description='The description of the policy.

The description must be 1 to 1,024 characters in length.', example='Query ECS instances in a specific region'),
  policyDocument?: string(name='PolicyDocument', description='The document of the policy.

The document must be 1 to 6,144 characters in length.

For more information about policy elements and sample policies, see [Policy elements](https://help.aliyun.com/document_detail/93738.html) and [Overview of sample policies](https://help.aliyun.com/document_detail/210969.html).', example='{"Statement": [{"Effect": "Allow","Action": "ecs:Describe*","Resource": "acs:ecs:cn-qingdao:*:instance/*"}],"Version": "1"}'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length, and can contain letters, digits, and hyphens (-).', example='View-ECS-instances-in-a-specific-region'),
  tag?: [ 
    {
      key?: string(name='Key'),
      value?: string(name='Value'),
    }
  ](name='Tag'),
}

model CreatePolicyShrinkRequest {
  description?: string(name='Description', description='The description of the policy.

The description must be 1 to 1,024 characters in length.', example='Query ECS instances in a specific region'),
  policyDocument?: string(name='PolicyDocument', description='The document of the policy.

The document must be 1 to 6,144 characters in length.

For more information about policy elements and sample policies, see [Policy elements](https://help.aliyun.com/document_detail/93738.html) and [Overview of sample policies](https://help.aliyun.com/document_detail/210969.html).', example='{"Statement": [{"Effect": "Allow","Action": "ecs:Describe*","Resource": "acs:ecs:cn-qingdao:*:instance/*"}],"Version": "1"}'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length, and can contain letters, digits, and hyphens (-).', example='View-ECS-instances-in-a-specific-region'),
  tagShrink?: string(name='Tag'),
}

model CreatePolicyResponseBody = {
  policy?: {
    createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2021-10-13T02:46:57Z'),
    defaultVersion?: string(name='DefaultVersion', description='The version of the policy. Default value: v1.', example='v1'),
    description?: string(name='Description', description='The description of the policy.', example='Query ECS instances in a specific region'),
    policyName?: string(name='PolicyName', description='The name of the policy.', example='View-ECS-instances-in-a-specific-region'),
    policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
  }(name='Policy', description='The information about the policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='BA34C54A-C2B1-5A65-B6B0-B5842C1DB4DA'),
}

model CreatePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreatePolicyResponseBody(name='body'),
}

/**
 * @summary Creates a custom policy.
 *
 * @description For more information about policies, see [Policy overview](https://help.aliyun.com/document_detail/93732.html).
 * This topic provides an example on how to create a custom policy to query Elastic Compute Service (ECS) instances in a specific region.
 *
 * @param tmpReq CreatePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreatePolicyResponse
 */
async function createPolicyWithOptions(tmpReq: CreatePolicyRequest, runtime: Util.RuntimeOptions): CreatePolicyResponse {
  Util.validateModel(tmpReq);
  var request = new CreatePolicyShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.tag)) {
    request.tagShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.tag, 'Tag', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.policyDocument)) {
    query['PolicyDocument'] = request.policyDocument;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.tagShrink)) {
    query['Tag'] = request.tagShrink;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreatePolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a custom policy.
 *
 * @description For more information about policies, see [Policy overview](https://help.aliyun.com/document_detail/93732.html).
 * This topic provides an example on how to create a custom policy to query Elastic Compute Service (ECS) instances in a specific region.
 *
 * @param request CreatePolicyRequest
 * @return CreatePolicyResponse
 */
async function createPolicy(request: CreatePolicyRequest): CreatePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createPolicyWithOptions(request, runtime);
}

model CreatePolicyVersionRequest {
  policyDocument?: string(name='PolicyDocument', description='The document of the policy. The document can be up to 6,144 bytes in length.', example='{"Statement":[{"Action":["oss:*"],"Effect":"Allow","Resource":["acs:oss:*:*:*"]}],"Version":"1"}'),
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  rotateStrategy?: string(name='RotateStrategy', description='The rotation strategy of the policy. The rotation strategy can be used to delete an early policy version.

Valid values:

*   `None`: disables the rotation strategy.
*   `DeleteOldestNonDefaultVersionWhenLimitExceeded`: deletes the earliest non-active version if the number of versions exceeds the limit.

Default value: `None`.', example='None'),
  setAsDefault?: boolean(name='SetAsDefault', description='Specifies whether to set this policy as the default policy. Default value: `false`.', example='false'),
}

model CreatePolicyVersionResponseBody = {
  policyVersion?: {
    createDate?: string(name='CreateDate', description='The time when the policy version was created.', example='2015-01-23T12:33:18Z'),
    isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the policy version is the default version.', example='false'),
    policyDocument?: string(name='PolicyDocument', description='The document of the policy.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
    versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
  }(name='PolicyVersion', description='The information about the policy version.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CreatePolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreatePolicyVersionResponseBody(name='body'),
}

/**
 * @param request CreatePolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreatePolicyVersionResponse
 */
async function createPolicyVersionWithOptions(request: CreatePolicyVersionRequest, runtime: Util.RuntimeOptions): CreatePolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyDocument)) {
    query['PolicyDocument'] = request.policyDocument;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.rotateStrategy)) {
    query['RotateStrategy'] = request.rotateStrategy;
  }
  if (!Util.isUnset(request.setAsDefault)) {
    query['SetAsDefault'] = request.setAsDefault;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreatePolicyVersion',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request CreatePolicyVersionRequest
 * @return CreatePolicyVersionResponse
 */
async function createPolicyVersion(request: CreatePolicyVersionRequest): CreatePolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return createPolicyVersionWithOptions(request, runtime);
}

model CreateRoleRequest {
  assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The trust policy that specifies one or more trusted entities to assume the RAM role. The trusted entities can be Alibaba Cloud accounts, Alibaba Cloud services, or identity providers (IdPs).

>  RAM users cannot assume the RAM roles of trusted Alibaba Cloud services.', example='{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"RAM":"acs:ram::123456789012****:root"}}],"Version":"1"}'),
  description?: string(name='Description', description='The description of the RAM role.

The description must be 1 to 1,024 characters in length.', example='ECS administrator'),
  maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.

Valid values: 3600 to 43200. Unit: seconds. Default value: 3600.

If you do not specify this parameter, the default value is used.', example='3600'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length, and can contain letters, digits, periods (.), and hyphens (-).', example='ECSAdmin'),
  tag?: [ 
    {
      key?: string(name='Key'),
      value?: string(name='Value'),
    }
  ](name='Tag'),
}

model CreateRoleShrinkRequest {
  assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The trust policy that specifies one or more trusted entities to assume the RAM role. The trusted entities can be Alibaba Cloud accounts, Alibaba Cloud services, or identity providers (IdPs).

>  RAM users cannot assume the RAM roles of trusted Alibaba Cloud services.', example='{"Statement":[{"Action":"sts:AssumeRole","Effect":"Allow","Principal":{"RAM":"acs:ram::123456789012****:root"}}],"Version":"1"}'),
  description?: string(name='Description', description='The description of the RAM role.

The description must be 1 to 1,024 characters in length.', example='ECS administrator'),
  maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.

Valid values: 3600 to 43200. Unit: seconds. Default value: 3600.

If you do not specify this parameter, the default value is used.', example='3600'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length, and can contain letters, digits, periods (.), and hyphens (-).', example='ECSAdmin'),
  tagShrink?: string(name='Tag'),
}

model CreateRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The trust policy that specifies the trusted entity to assume the RAM role.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::123456789012****:root" } } ], "Version": "1" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM user was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='901234567890****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
  }(name='Role', description='The information of the RAM role.'),
}

model CreateRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateRoleResponseBody(name='body'),
}

/**
 * @summary Creates a RAM role.
 *
 * @description ## Description
 * For more information about RAM roles, see [Overview of RAM roles](https://help.aliyun.com/document_detail/93689.html).
 *
 * @param tmpReq CreateRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateRoleResponse
 */
async function createRoleWithOptions(tmpReq: CreateRoleRequest, runtime: Util.RuntimeOptions): CreateRoleResponse {
  Util.validateModel(tmpReq);
  var request = new CreateRoleShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.tag)) {
    request.tagShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.tag, 'Tag', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.assumeRolePolicyDocument)) {
    query['AssumeRolePolicyDocument'] = request.assumeRolePolicyDocument;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.maxSessionDuration)) {
    query['MaxSessionDuration'] = request.maxSessionDuration;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  if (!Util.isUnset(request.tagShrink)) {
    query['Tag'] = request.tagShrink;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a RAM role.
 *
 * @description ## Description
 * For more information about RAM roles, see [Overview of RAM roles](https://help.aliyun.com/document_detail/93689.html).
 *
 * @param request CreateRoleRequest
 * @return CreateRoleResponse
 */
async function createRole(request: CreateRoleRequest): CreateRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return createRoleWithOptions(request, runtime);
}

model CreateUserRequest {
  comments?: string(name='Comments', description='The description of the RAM user.

The description must be 1 to 128 characters in length.', example='This is a cloud computing engineer.'),
  displayName?: string(name='DisplayName', description='The display name of the RAM user.

The display name must be 1 to 128 characters in length.', example='alice'),
  email?: string(name='Email', description='The email address of the RAM user.

>  This parameter applies only to the China site (aliyun.com).', example='alice@example.com'),
  mobilePhone?: string(name='MobilePhone', description='The mobile phone number of the RAM user.

Format: Country code-Mobile phone number.

>  This parameter applies only to the China site (aliyun.com).', example='86-1868888****'),
  userName?: string(name='UserName', description='The username of the RAM user.

The username must be 1 to 64 characters in length, and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='alice'),
}

model CreateUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  user?: {
    comments?: string(name='Comments', description='The description of the RAM user.', example='This is a cloud computing engineer.'),
    createDate?: string(name='CreateDate', description='The point in time when the RAM user was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='alice'),
    email?: string(name='Email', description='The email address of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='alice@example.com'),
    mobilePhone?: string(name='MobilePhone', description='The mobile phone number of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='86-1868888****'),
    userId?: string(name='UserId', description='The ID of the RAM user.', example='122748924538****'),
    userName?: string(name='UserName', description='The username of the RAM user.', example='alice'),
  }(name='User', description='The information about the RAM user.'),
}

model CreateUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateUserResponseBody(name='body'),
}

/**
 * @summary Creates a Resource Access Management (RAM) user.
 *
 * @description This topic provides an example on how to create a RAM user named `alice`.
 *
 * @param request CreateUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateUserResponse
 */
async function createUserWithOptions(request: CreateUserRequest, runtime: Util.RuntimeOptions): CreateUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comments)) {
    query['Comments'] = request.comments;
  }
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  if (!Util.isUnset(request.mobilePhone)) {
    query['MobilePhone'] = request.mobilePhone;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a Resource Access Management (RAM) user.
 *
 * @description This topic provides an example on how to create a RAM user named `alice`.
 *
 * @param request CreateUserRequest
 * @return CreateUserResponse
 */
async function createUser(request: CreateUserRequest): CreateUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return createUserWithOptions(request, runtime);
}

model CreateVirtualMFADeviceRequest {
  virtualMFADeviceName?: string(name='VirtualMFADeviceName', description='The name of the MFA device.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).', example='device001'),
}

model CreateVirtualMFADeviceResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  virtualMFADevice?: {
    base32StringSeed?: string(name='Base32StringSeed', description='The key of the MFA device.', example='DSF98HAD982KJA9SDFNAS9D8FU839B8ADHBGS****'),
    QRCodePNG?: string(name='QRCodePNG', description='The Base64-encoded QR code, in the PNG format.', example='YXNkZmFzZDlmeW5hc2Q5OGZoODd4bXJmcThhaGU5aSBmYXNkZiBzYWRmIGFGIDRxd2VjIGEgdHEz****'),
    serialNumber?: string(name='SerialNumber', description='The serial number of the MFA device.', example='acs:ram::123456789012****:mfa/device001'),
  }(name='VirtualMFADevice', description='The information of the MFA device.'),
}

model CreateVirtualMFADeviceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateVirtualMFADeviceResponseBody(name='body'),
}

/**
 * @param request CreateVirtualMFADeviceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateVirtualMFADeviceResponse
 */
async function createVirtualMFADeviceWithOptions(request: CreateVirtualMFADeviceRequest, runtime: Util.RuntimeOptions): CreateVirtualMFADeviceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.virtualMFADeviceName)) {
    query['VirtualMFADeviceName'] = request.virtualMFADeviceName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateVirtualMFADevice',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request CreateVirtualMFADeviceRequest
 * @return CreateVirtualMFADeviceResponse
 */
async function createVirtualMFADevice(request: CreateVirtualMFADeviceRequest): CreateVirtualMFADeviceResponse {
  var runtime = new Util.RuntimeOptions{};
  return createVirtualMFADeviceWithOptions(request, runtime);
}

model DecodeDiagnosticMessageRequest {
  encodedDiagnosticMessage?: string(name='EncodedDiagnosticMessage', description='The encoded diagnostic information in the response that contains an access denied error. The error is caused by no RAM permissions.', example='AQEAAAAAZBgxr0U1MjA1NTM1LUM4BBktMzE5RS1CODgxLUU1QTI0RDNFQTM1****'),
}

model DecodeDiagnosticMessageResponseBody = {
  decodedDiagnosticMessage?: {
    authAction?: string(name='AuthAction', description='The operation that is used for authentication in the request.', example='ram:DecodeDiagnosticMessage'),
    authConditions?: [ 
      {
        conditionKey?: string(name='ConditionKey', description='The key of the condition.', example='acs:SourceIp'),
        conditionValues?: [ string ](name='ConditionValues', description='The values that correspond to the key.'),
      }
    ](name='AuthConditions', description='The conditions that are used for authentication in the request.'),
    authPrincipal?: {
      authPrincipalDisplayName?: string(name='AuthPrincipalDisplayName', description='The identity.

*   If the operator is a RAM user, the ID of the user is displayed.
*   If the operator is a RAM role, the name and session name of the role are displayed. Example: RoleName:RoleSessionName.
*   If the operator is an SSO federated identity, the type and name of the identity provider (IdP) are displayed. Example: saml-provider/AzureAD.', example='28877424437521****'),
      authPrincipalOwnerId?: string(name='AuthPrincipalOwnerId', description='The ID of the Alibaba Cloud account to which the identity belongs.', example='196813200012****'),
      authPrincipalType?: string(name='AuthPrincipalType', description='The identity type that is used for authentication in the request.

Valid values:

*   SubUser: RAM user
*   AssumedRoleUser: RAM role
*   Federated: SSO federated identity', example='SubUser'),
    }(name='AuthPrincipal', description='The operator that is used for authentication in the request.'),
    authResource?: string(name='AuthResource', description='The resource that is used for authentication in the request.', example='*'),
    explicitDeny?: boolean(name='ExplicitDeny', description='Indicates whether the access denied error is caused by an explicit deny.

Valid values:

*   true

    <!-- -->

    <!-- -->

    <!-- -->

*   false

    <!-- -->

    <!-- -->

    <!-- -->', example='true'),
    matchedPolicies?: [ 
      {
        attachedEntityType?: string(name='AttachedEntityType', description='The type of the entity to which the policy is attached.

Valid values:

*   RamUser: RAM user
*   RamRole: RAM role
*   ResourceDirectoryTarget: entity in a resource directory
*   RamGroup: RAM user group', example='RamUser'),
        attachedScope?: string(name='AttachedScope', description='The authorization scope of the policy.

Valid values:

*   Account: Alibaba Cloud account
*   Folder: folder in the resource directory
*   ResourceGroup: resource group', example='Account'),
        effect?: string(name='Effect', description='The effect of the policy.

Valid values:

*   Deny

    <!-- -->

    <!-- -->

    <!-- -->

*   Allow

    <!-- -->

    <!-- -->

    <!-- -->', example='Deny'),
        policyIdentifier?: string(name='PolicyIdentifier', description='The identifier of the policy.

*   Control policy: the ID of the control policy
*   RAM policy: the name of the policy', example='MyPolicyName'),
        policyType?: string(name='PolicyType', description='The type of the policy.

Valid values:
*   Custom: custom policy
*   System: system policy', example='Custom'),
        policyVersion?: string(name='PolicyVersion', description='The version number of the policy.

> Only custom policies have version numbers.', example='v1'),
      }
    ](name='MatchedPolicies', description='The policies that are matched.'),
    noPermissionPolicyType?: string(name='NoPermissionPolicyType', description='The type of the policy that causes the access denied error.

Valid values:

*   AssumeRolePolicy: role-specific trust policy
*   ControlPolicy: control policy
*   AccountLevelIdentityBasedPolicy: identity-based policy at the account level
*   ResourceGroupLevelIdentityBasedPolicy: identity-based policy at the resource group level
*   SessionPolicy: session policy', example='AccountLevelIdentityBasedPolicy'),
  }(name='DecodedDiagnosticMessage', description='The decoded diagnostic information.'),
  requestId?: string(name='RequestId', description='The request ID.', example='D2331703-AADF-5564-BA9B-26CD51A33BA0'),
}

model DecodeDiagnosticMessageResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DecodeDiagnosticMessageResponseBody(name='body'),
}

/**
 * @summary Decodes the diagnostic information in the response that contains an access denied error. The error is caused by no RAM permissions.
 *
 * @param request DecodeDiagnosticMessageRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DecodeDiagnosticMessageResponse
 */
async function decodeDiagnosticMessageWithOptions(request: DecodeDiagnosticMessageRequest, runtime: Util.RuntimeOptions): DecodeDiagnosticMessageResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.encodedDiagnosticMessage)) {
    query['EncodedDiagnosticMessage'] = request.encodedDiagnosticMessage;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DecodeDiagnosticMessage',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Decodes the diagnostic information in the response that contains an access denied error. The error is caused by no RAM permissions.
 *
 * @param request DecodeDiagnosticMessageRequest
 * @return DecodeDiagnosticMessageResponse
 */
async function decodeDiagnosticMessage(request: DecodeDiagnosticMessageRequest): DecodeDiagnosticMessageResponse {
  var runtime = new Util.RuntimeOptions{};
  return decodeDiagnosticMessageWithOptions(request, runtime);
}

model DeleteAccessKeyRequest {
  userAccessKeyId?: string(name='UserAccessKeyId', description='The AccessKey ID in the AccessKey pair that you want to delete.', example='0wNEpMMlzy7s****'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model DeleteAccessKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model DeleteAccessKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteAccessKeyResponseBody(name='body'),
}

/**
 * @param request DeleteAccessKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteAccessKeyResponse
 */
async function deleteAccessKeyWithOptions(request: DeleteAccessKeyRequest, runtime: Util.RuntimeOptions): DeleteAccessKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userAccessKeyId)) {
    query['UserAccessKeyId'] = request.userAccessKeyId;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteAccessKey',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeleteAccessKeyRequest
 * @return DeleteAccessKeyResponse
 */
async function deleteAccessKey(request: DeleteAccessKeyRequest): DeleteAccessKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteAccessKeyWithOptions(request, runtime);
}

model DeleteGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.

If you want to query the name of a RAM user group, call the [ListGroups](https://help.aliyun.com/document_detail/28703.html) operation.', example='Dev-Team'),
}

model DeleteGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='FCF40AB5-881C-A0F9-334C-B0AD423AA69D'),
}

model DeleteGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteGroupResponseBody(name='body'),
}

/**
 * @description Before you delete a RAM user group, make sure that no policies are attached to the group and no RAM users are included in the group.
 *
 * @param request DeleteGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteGroupResponse
 */
async function deleteGroupWithOptions(request: DeleteGroupRequest, runtime: Util.RuntimeOptions): DeleteGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @description Before you delete a RAM user group, make sure that no policies are attached to the group and no RAM users are included in the group.
 *
 * @param request DeleteGroupRequest
 * @return DeleteGroupResponse
 */
async function deleteGroup(request: DeleteGroupRequest): DeleteGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteGroupWithOptions(request, runtime);
}

model DeleteLoginProfileRequest {
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model DeleteLoginProfileResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='1C488B66-B819-4D14-8711-C4EAAA13AC01'),
}

model DeleteLoginProfileResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteLoginProfileResponseBody(name='body'),
}

/**
 * @param request DeleteLoginProfileRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteLoginProfileResponse
 */
async function deleteLoginProfileWithOptions(request: DeleteLoginProfileRequest, runtime: Util.RuntimeOptions): DeleteLoginProfileResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteLoginProfile',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeleteLoginProfileRequest
 * @return DeleteLoginProfileResponse
 */
async function deleteLoginProfile(request: DeleteLoginProfileRequest): DeleteLoginProfileResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteLoginProfileWithOptions(request, runtime);
}

model DeletePolicyRequest {
  cascadingDelete?: boolean(name='CascadingDelete'),
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
}

model DeletePolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='898FAB24-7509-43EE-A287-086FE4C44394'),
}

model DeletePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeletePolicyResponseBody(name='body'),
}

/**
 * @param request DeletePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeletePolicyResponse
 */
async function deletePolicyWithOptions(request: DeletePolicyRequest, runtime: Util.RuntimeOptions): DeletePolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.cascadingDelete)) {
    query['CascadingDelete'] = request.cascadingDelete;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeletePolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeletePolicyRequest
 * @return DeletePolicyResponse
 */
async function deletePolicy(request: DeletePolicyRequest): DeletePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deletePolicyWithOptions(request, runtime);
}

model DeletePolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
}

model DeletePolicyVersionResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DeletePolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeletePolicyVersionResponseBody(name='body'),
}

/**
 * @param request DeletePolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeletePolicyVersionResponse
 */
async function deletePolicyVersionWithOptions(request: DeletePolicyVersionRequest, runtime: Util.RuntimeOptions): DeletePolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeletePolicyVersion',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeletePolicyVersionRequest
 * @return DeletePolicyVersionResponse
 */
async function deletePolicyVersion(request: DeletePolicyVersionRequest): DeletePolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return deletePolicyVersionWithOptions(request, runtime);
}

model DeleteRoleRequest {
  roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
}

model DeleteRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='898FAB24-7509-43EE-A287-086FE4C44394'),
}

model DeleteRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteRoleResponseBody(name='body'),
}

/**
 * @param request DeleteRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteRoleResponse
 */
async function deleteRoleWithOptions(request: DeleteRoleRequest, runtime: Util.RuntimeOptions): DeleteRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeleteRoleRequest
 * @return DeleteRoleResponse
 */
async function deleteRole(request: DeleteRoleRequest): DeleteRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteRoleWithOptions(request, runtime);
}

model DeleteUserRequest {
  userName?: string(name='UserName', description='The name of the RAM user.

The name must be 1 to 64 characters in length, and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='zhangq****'),
}

model DeleteUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='1C488B66-B819-4D14-8711-C4EAAA13AC01'),
}

model DeleteUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteUserResponseBody(name='body'),
}

/**
 * @description Before you delete a RAM user, make sure that no policies are attached to the RAM user and that the RAM user does not belong to any groups.
 *
 * @param request DeleteUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteUserResponse
 */
async function deleteUserWithOptions(request: DeleteUserRequest, runtime: Util.RuntimeOptions): DeleteUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @description Before you delete a RAM user, make sure that no policies are attached to the RAM user and that the RAM user does not belong to any groups.
 *
 * @param request DeleteUserRequest
 * @return DeleteUserResponse
 */
async function deleteUser(request: DeleteUserRequest): DeleteUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteUserWithOptions(request, runtime);
}

model DeleteVirtualMFADeviceRequest {
  serialNumber?: string(name='SerialNumber', description='The serial number of the MFA device.', example='acs:ram::123456789012****:mfa/device002'),
}

model DeleteVirtualMFADeviceResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model DeleteVirtualMFADeviceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteVirtualMFADeviceResponseBody(name='body'),
}

/**
 * @param request DeleteVirtualMFADeviceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteVirtualMFADeviceResponse
 */
async function deleteVirtualMFADeviceWithOptions(request: DeleteVirtualMFADeviceRequest, runtime: Util.RuntimeOptions): DeleteVirtualMFADeviceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.serialNumber)) {
    query['SerialNumber'] = request.serialNumber;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteVirtualMFADevice',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request DeleteVirtualMFADeviceRequest
 * @return DeleteVirtualMFADeviceResponse
 */
async function deleteVirtualMFADevice(request: DeleteVirtualMFADeviceRequest): DeleteVirtualMFADeviceResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteVirtualMFADeviceWithOptions(request, runtime);
}

model DetachPolicyFromGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='dev'),
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
}

model DetachPolicyFromGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model DetachPolicyFromGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachPolicyFromGroupResponseBody(name='body'),
}

/**
 * @summary Detaches a policy from a RAM user group.
 *
 * @param request DetachPolicyFromGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachPolicyFromGroupResponse
 */
async function detachPolicyFromGroupWithOptions(request: DetachPolicyFromGroupRequest, runtime: Util.RuntimeOptions): DetachPolicyFromGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachPolicyFromGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Detaches a policy from a RAM user group.
 *
 * @param request DetachPolicyFromGroupRequest
 * @return DetachPolicyFromGroupResponse
 */
async function detachPolicyFromGroup(request: DetachPolicyFromGroupRequest): DetachPolicyFromGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachPolicyFromGroupWithOptions(request, runtime);
}

model DetachPolicyFromRoleRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
  roleName?: string(name='RoleName', description='The name of the RAM role.', example='OSSAdminRole'),
}

model DetachPolicyFromRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model DetachPolicyFromRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachPolicyFromRoleResponseBody(name='body'),
}

/**
 * @summary Detaches a policy from a RAM role.
 *
 * @param request DetachPolicyFromRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachPolicyFromRoleResponse
 */
async function detachPolicyFromRoleWithOptions(request: DetachPolicyFromRoleRequest, runtime: Util.RuntimeOptions): DetachPolicyFromRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachPolicyFromRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Detaches a policy from a RAM role.
 *
 * @param request DetachPolicyFromRoleRequest
 * @return DetachPolicyFromRoleResponse
 */
async function detachPolicyFromRole(request: DetachPolicyFromRoleRequest): DetachPolicyFromRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachPolicyFromRoleWithOptions(request, runtime);
}

model DetachPolicyFromUserRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model DetachPolicyFromUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model DetachPolicyFromUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachPolicyFromUserResponseBody(name='body'),
}

/**
 * @summary Detaches a policy from a RAM user.
 *
 * @param request DetachPolicyFromUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachPolicyFromUserResponse
 */
async function detachPolicyFromUserWithOptions(request: DetachPolicyFromUserRequest, runtime: Util.RuntimeOptions): DetachPolicyFromUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachPolicyFromUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Detaches a policy from a RAM user.
 *
 * @param request DetachPolicyFromUserRequest
 * @return DetachPolicyFromUserResponse
 */
async function detachPolicyFromUser(request: DetachPolicyFromUserRequest): DetachPolicyFromUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachPolicyFromUserWithOptions(request, runtime);
}

model GetAccessKeyLastUsedRequest {
  userAccessKeyId?: string(name='UserAccessKeyId', example='LTAI4GFTgcR8m8cZQDTH****'),
  userName?: string(name='UserName', example='test'),
}

model GetAccessKeyLastUsedResponseBody = {
  accessKeyLastUsed?: {
    lastUsedDate?: string(name='LastUsedDate', example='2020-10-21T06:37:40Z'),
  }(name='AccessKeyLastUsed'),
  requestId?: string(name='RequestId', example='5CCE804C-6450-49A7-B1DB-2460F7A97416'),
}

model GetAccessKeyLastUsedResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAccessKeyLastUsedResponseBody(name='body'),
}

/**
 * @param request GetAccessKeyLastUsedRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAccessKeyLastUsedResponse
 */
async function getAccessKeyLastUsedWithOptions(request: GetAccessKeyLastUsedRequest, runtime: Util.RuntimeOptions): GetAccessKeyLastUsedResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userAccessKeyId)) {
    query['UserAccessKeyId'] = request.userAccessKeyId;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetAccessKeyLastUsed',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request GetAccessKeyLastUsedRequest
 * @return GetAccessKeyLastUsedResponse
 */
async function getAccessKeyLastUsed(request: GetAccessKeyLastUsedRequest): GetAccessKeyLastUsedResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAccessKeyLastUsedWithOptions(request, runtime);
}

model GetAccountAliasResponseBody = {
  accountAlias?: string(name='AccountAlias', description='The alias of the Alibaba Cloud account.', example='myalias'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model GetAccountAliasResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAccountAliasResponseBody(name='body'),
}

/**
 * @param request GetAccountAliasRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAccountAliasResponse
 */
async function getAccountAliasWithOptions(runtime: Util.RuntimeOptions): GetAccountAliasResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetAccountAlias',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @return GetAccountAliasResponse
 */
async function getAccountAlias(): GetAccountAliasResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAccountAliasWithOptions(runtime);
}

model GetGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
}

model GetGroupResponseBody = {
  group?: {
    comments?: string(name='Comments', description='The description of the RAM user group.', example='Dev-Team'),
    createDate?: string(name='CreateDate', description='The time when the RAM user group was created.', example='2015-01-23T12:33:18Z'),
    groupId?: string(name='GroupId', description='The ID of the RAM user group.', example='g-FpMEHiMysofp****'),
    groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
    updateDate?: string(name='UpdateDate', description='The time when the information of the RAM user group was updated.', example='2015-02-11T03:15:21Z'),
  }(name='Group', description='The information of the RAM user group.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='D4065824-E422-3ED6-68B1-1AF7D5C7804C'),
}

model GetGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetGroupResponseBody(name='body'),
}

/**
 * @summary Queries the information of a RAM user group.
 *
 * @param request GetGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetGroupResponse
 */
async function getGroupWithOptions(request: GetGroupRequest, runtime: Util.RuntimeOptions): GetGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information of a RAM user group.
 *
 * @param request GetGroupRequest
 * @return GetGroupResponse
 */
async function getGroup(request: GetGroupRequest): GetGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return getGroupWithOptions(request, runtime);
}

model GetLoginProfileRequest {
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model GetLoginProfileResponseBody = {
  loginProfile?: {
    createDate?: string(name='CreateDate', description='The time when the logon configurations were created.', example='2015-01-23T12:33:18Z'),
    MFABindRequired?: boolean(name='MFABindRequired', description='Indicates whether an MFA device must be attached to the RAM user upon logon.', example='true'),
    passwordResetRequired?: boolean(name='PasswordResetRequired', description='Indicates whether the RAM user must change the password upon logon.', example='true'),
    userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
  }(name='LoginProfile', description='The logon configurations of the RAM user.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model GetLoginProfileResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetLoginProfileResponseBody(name='body'),
}

/**
 * @param request GetLoginProfileRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetLoginProfileResponse
 */
async function getLoginProfileWithOptions(request: GetLoginProfileRequest, runtime: Util.RuntimeOptions): GetLoginProfileResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetLoginProfile',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request GetLoginProfileRequest
 * @return GetLoginProfileResponse
 */
async function getLoginProfile(request: GetLoginProfileRequest): GetLoginProfileResponse {
  var runtime = new Util.RuntimeOptions{};
  return getLoginProfileWithOptions(request, runtime);
}

model GetPasswordPolicyResponseBody = {
  passwordPolicy?: {
    hardExpiry?: boolean(name='HardExpiry', description='Indicates whether the password has expired.

Valid values: `true` and `false`. Default value: `false`.

*   If the value of this parameter is `true`, the parent Alibaba Cloud account must reset the password before the RAM user can log on to the console.
*   If the value of this parameter is `false`, the RAM user can change the password and then log on to the console.', example='false'),
    maxLoginAttemps?: int32(name='MaxLoginAttemps', description='The maximum number of permitted logon attempts within one hour. The number of logon attempts is reset to zero if a RAM user changes the password.', example='5'),
    maxPasswordAge?: int32(name='MaxPasswordAge', description='The number of days for which a password is valid. Default value: 0. The default value indicates that the password never expires.', example='0'),
    minimumPasswordLength?: int32(name='MinimumPasswordLength', description='The minimum required number of characters in a password.', example='12'),
    passwordReusePrevention?: int32(name='PasswordReusePrevention', description='The number of previous passwords that the user is prevented from reusing. Default value: 0. The default value indicates that the RAM user is not prevented from reusing previous passwords', example='0'),
    requireLowercaseCharacters?: boolean(name='RequireLowercaseCharacters', description='Indicates whether a password must contain one or more lowercase letters.', example='true'),
    requireNumbers?: boolean(name='RequireNumbers', description='Indicates whether a password must contain one or more digits.', example='true'),
    requireSymbols?: boolean(name='RequireSymbols', description='Indicates whether a password must contain one or more special characters.', example='true'),
    requireUppercaseCharacters?: boolean(name='RequireUppercaseCharacters', description='Indicates whether a password must contain one or more uppercase letters.', example='true'),
  }(name='PasswordPolicy', description='The policy to manage passwords.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model GetPasswordPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPasswordPolicyResponseBody(name='body'),
}

/**
 * @param request GetPasswordPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPasswordPolicyResponse
 */
async function getPasswordPolicyWithOptions(runtime: Util.RuntimeOptions): GetPasswordPolicyResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetPasswordPolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @return GetPasswordPolicyResponse
 */
async function getPasswordPolicy(): GetPasswordPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPasswordPolicyWithOptions(runtime);
}

model GetPolicyRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
}

model GetPolicyResponseBody = {
  defaultPolicyVersion?: {
    createDate?: string(name='CreateDate', description='The time when the default policy version was created.', example='2015-01-23T12:33:18Z'),
    isDefaultVersion?: boolean(name='IsDefaultVersion', description='An attribute in the `DefaultPolicyVersion` parameter. The value of the `IsDefaultVersion` parameter is `true`.', example='true'),
    policyDocument?: string(name='PolicyDocument', description='The script of the default policy version.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
    versionId?: string(name='VersionId', description='The ID of the default policy version.', example='v1'),
  }(name='DefaultPolicyVersion', description='The information of the default policy version.'),
  policy?: {
    attachmentCount?: int32(name='AttachmentCount', description='The number of references to the policy.', example='0'),
    createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2015-01-23T12:33:18Z'),
    defaultVersion?: string(name='DefaultVersion', description='The default version ID of the policy.', example='v1'),
    description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
    policyDocument?: string(name='PolicyDocument', description='This parameter is deprecated.', example='N/A'),
    policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
    policyType?: string(name='PolicyType', description='The type of the policy.', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the policy was modified.', example='2015-01-23T12:33:18Z'),
  }(name='Policy', description='The basic information of the policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model GetPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the information of a policy.
 *
 * @param request GetPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyResponse
 */
async function getPolicyWithOptions(request: GetPolicyRequest, runtime: Util.RuntimeOptions): GetPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information of a policy.
 *
 * @param request GetPolicyRequest
 * @return GetPolicyResponse
 */
async function getPolicy(request: GetPolicyRequest): GetPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyWithOptions(request, runtime);
}

model GetPolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
  versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
}

model GetPolicyVersionResponseBody = {
  policyVersion?: {
    createDate?: string(name='CreateDate', description='The time when the version was created.', example='2015-01-23T12:33:18Z'),
    isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the version is the default version.', example='false'),
    policyDocument?: string(name='PolicyDocument', description='The script of the policy.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
    versionId?: string(name='VersionId', description='The ID of the version.', example='v3'),
  }(name='PolicyVersion', description='The information of the policy version.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model GetPolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyVersionResponseBody(name='body'),
}

/**
 * @summary Queries the information of a policy version.
 *
 * @param request GetPolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyVersionResponse
 */
async function getPolicyVersionWithOptions(request: GetPolicyVersionRequest, runtime: Util.RuntimeOptions): GetPolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicyVersion',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information of a policy version.
 *
 * @param request GetPolicyVersionRequest
 * @return GetPolicyVersionResponse
 */
async function getPolicyVersion(request: GetPolicyVersionRequest): GetPolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyVersionWithOptions(request, runtime);
}

model GetRoleRequest {
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length, and can contain letters, digits, periods (.), and hyphens (-).', example='ECSAdmin'),
}

model GetRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The content of the policy that specifies one or more entities entrusted to assume the RAM role.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::123456789012****:root" } } ], "Version": "1" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='901234567890****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    updateDate?: string(name='UpdateDate', description='The time when the RAM role was modified.', example='2015-01-23T12:33:18Z'),
  }(name='Role', description='The information of the RAM role.'),
}

model GetRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetRoleResponseBody(name='body'),
}

/**
 * @summary Queries information of a RAM role.
 *
 * @param request GetRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetRoleResponse
 */
async function getRoleWithOptions(request: GetRoleRequest, runtime: Util.RuntimeOptions): GetRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries information of a RAM role.
 *
 * @param request GetRoleRequest
 * @return GetRoleResponse
 */
async function getRole(request: GetRoleRequest): GetRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return getRoleWithOptions(request, runtime);
}

model GetSecurityPreferenceResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='DC1213F1-A9D5-4A01-A996-44983689126C'),
  securityPreference?: {
    accessKeyPreference?: {
      allowUserToManageAccessKeys?: boolean(name='AllowUserToManageAccessKeys', description='Indicates whether RAM users can manage their AccessKey pairs. Valid values:

*   true: RAM users can manage their AccessKey pairs.
*   false: RAM users cannot manage their AccessKey pairs.', example='false'),
    }(name='AccessKeyPreference', description='The AccessKey pair preference.'),
    loginProfilePreference?: {
      allowUserToChangePassword?: boolean(name='AllowUserToChangePassword', description='Indicates whether RAM users can change their passwords. Valid values:

*   true: RAM users can change their passwords.
*   false: RAM users cannot change their passwords.', example='true'),
      enableSaveMFATicket?: boolean(name='EnableSaveMFATicket', description='Indicates whether RAM users can save security codes for multi-factor authentication (MFA) during logon. Each security code is valid for seven days. Valid values:

*   true: RAM users can save MFA security codes during logon.
*   false: RAM users cannot save MFA security codes during logon.', example='false'),
      loginNetworkMasks?: string(name='LoginNetworkMasks', description='The subnet mask that indicates the IP addresses from which logon to the Alibaba Cloud Management Console is allowed. This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs.

*   If a subnet mask is specified, RAM users can log on to the Alibaba Cloud Management Console only by using the IP addresses in the subnetwork.
*   If no subnet mask is specified, RAM users can log on to the Alibaba Cloud Management Console by using all IP addresses.

If more than one subnet mask is specified, the masks are separated with semicolons (;), for example, 192.168.0.0/16;10.0.0.0/8.', example='10.0.0.0/8'),
      loginSessionDuration?: int32(name='LoginSessionDuration', description='The validity period of a logon session of a RAM user. Unit: hours.', example='6'),
    }(name='LoginProfilePreference', description='The logon preferences.'),
    MFAPreference?: {
      allowUserToManageMFADevices?: boolean(name='AllowUserToManageMFADevices', description='Indicates whether RAM users can manage their MFA devices. Valid values:

*   true: RAM users can manage their MFA devices.
*   false: RAM users cannot manage their MFA devices.', example='true'),
    }(name='MFAPreference', description='The MFA preference.'),
    publicKeyPreference?: {
      allowUserToManagePublicKeys?: boolean(name='AllowUserToManagePublicKeys', description='Indicates whether RAM users can manage their public keys. Valid values:

*   true: RAM users can manage their public keys.
*   false: RAM users cannot manage their public keys.', example='false'),
    }(name='PublicKeyPreference', description='The public key preference.

>  The public key preference is valid only for the Japan site.'),
  }(name='SecurityPreference', description='The security preferences.'),
}

model GetSecurityPreferenceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetSecurityPreferenceResponseBody(name='body'),
}

/**
 * @param request GetSecurityPreferenceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetSecurityPreferenceResponse
 */
async function getSecurityPreferenceWithOptions(runtime: Util.RuntimeOptions): GetSecurityPreferenceResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetSecurityPreference',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @return GetSecurityPreferenceResponse
 */
async function getSecurityPreference(): GetSecurityPreferenceResponse {
  var runtime = new Util.RuntimeOptions{};
  return getSecurityPreferenceWithOptions(runtime);
}

model GetUserRequest {
  userName?: string(name='UserName', description='The username of the RAM user.

The username must be 1 to 64 characters in length, and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='alice'),
}

model GetUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='2D69A58F-345C-4FDE-88E4-BF5189484043'),
  user?: {
    comments?: string(name='Comments', description='The description of the RAM user.', example='Cloud computing engineer'),
    createDate?: string(name='CreateDate', description='The point in time when the RAM user was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='alice'),
    email?: string(name='Email', description='The email address of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='alice@example.com'),
    lastLoginDate?: string(name='LastLoginDate', description='The point in time when the RAM user last logged on to the Alibaba Cloud Management Console by using the password. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    mobilePhone?: string(name='MobilePhone', description='The mobile phone number of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='86-1860000****'),
    updateDate?: string(name='UpdateDate', description='The point in time when the information about the RAM user was last modified. The time is displayed in UTC.', example='2015-02-11T03:15:21Z'),
    userId?: string(name='UserId', description='The ID of the RAM user.', example='222748924538****'),
    userName?: string(name='UserName', description='The username of the RAM user.', example='alice'),
  }(name='User', description='The information about the RAM user.'),
}

model GetUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetUserResponseBody(name='body'),
}

/**
 * @summary Queries the information about a RAM user.
 *
 * @description This topic provides an example on how to query the information about the RAM user `alice`.
 *
 * @param request GetUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetUserResponse
 */
async function getUserWithOptions(request: GetUserRequest, runtime: Util.RuntimeOptions): GetUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about a RAM user.
 *
 * @description This topic provides an example on how to query the information about the RAM user `alice`.
 *
 * @param request GetUserRequest
 * @return GetUserResponse
 */
async function getUser(request: GetUserRequest): GetUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return getUserWithOptions(request, runtime);
}

model GetUserMFAInfoRequest {
  userName?: string(name='UserName', description='The username of the RAM user.', example='test'),
}

model GetUserMFAInfoResponseBody = {
  MFADevice?: {
    serialNumber?: string(name='SerialNumber', description='The serial number of the MFA device.', example='acs:ram::177242285274****:mfa/test'),
    type?: string(name='Type', description='The type of the MFA device. Valid values:

*   VMFA: virtual MFA device
*   U2F: Universal 2nd Factor (U2F) security key', example='VMFA'),
  }(name='MFADevice', description='The information about the MFA device that is attached to the RAM user.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model GetUserMFAInfoResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetUserMFAInfoResponseBody(name='body'),
}

/**
 * @param request GetUserMFAInfoRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetUserMFAInfoResponse
 */
async function getUserMFAInfoWithOptions(request: GetUserMFAInfoRequest, runtime: Util.RuntimeOptions): GetUserMFAInfoResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetUserMFAInfo',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request GetUserMFAInfoRequest
 * @return GetUserMFAInfoResponse
 */
async function getUserMFAInfo(request: GetUserMFAInfoRequest): GetUserMFAInfoResponse {
  var runtime = new Util.RuntimeOptions{};
  return getUserMFAInfoWithOptions(request, runtime);
}

model ListAccessKeysRequest {
  userName?: string(name='UserName', description='The name of the RAM user. If a RAM user calls this operation and does not specify this parameter, the AccessKey pairs of the RAM user are returned.', example='zhangq****'),
}

model ListAccessKeysResponseBody = {
  accessKeys?: {
    accessKey?: [ 
    {
      accessKeyId?: string(name='AccessKeyId', description='The AccessKey ID.', example='0wNEpMMlzy7s****'),
      createDate?: string(name='CreateDate', description='The time when the AccessKey pair was created.', example='2015-01-23T12:33:18Z'),
      status?: string(name='Status', description='The status of the AccessKey pair. Valid values: Active and Inactive.', example='Active'),
    }
  ](name='AccessKey')
  }(name='AccessKeys', description='The list of AccessKey pairs that belong to the RAM user.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='4B450CA1-36E8-4AA2-8461-86B42BF4CC4E'),
}

model ListAccessKeysResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAccessKeysResponseBody(name='body'),
}

/**
 * @summary Queries the list of all AccessKey pairs that belong to a RAM user.
 *
 * @param request ListAccessKeysRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAccessKeysResponse
 */
async function listAccessKeysWithOptions(request: ListAccessKeysRequest, runtime: Util.RuntimeOptions): ListAccessKeysResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListAccessKeys',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the list of all AccessKey pairs that belong to a RAM user.
 *
 * @param request ListAccessKeysRequest
 * @return ListAccessKeysResponse
 */
async function listAccessKeys(request: ListAccessKeysRequest): ListAccessKeysResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAccessKeysWithOptions(request, runtime);
}

model ListEntitiesForPolicyRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
}

model ListEntitiesForPolicyResponseBody = {
  groups?: {
    group?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the policy was attached to the RAM user group.', example='2015-02-18T17:22:08Z'),
      comments?: string(name='Comments', description='The description of the RAM user group.', example='Test team'),
      groupName?: string(name='GroupName', description='The name of the RAM user group.', example='QA-Team'),
    }
  ](name='Group')
  }(name='Groups', description='The list of the RAM user groups.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  roles?: {
    role?: [ 
    {
      arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
      attachDate?: string(name='AttachDate', description='The time when the policy was attached to the RAM user.', example='2015-01-23T12:33:18Z'),
      description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
      roleId?: string(name='RoleId', description='The ID of the RAM role.', example='122748924538****'),
      roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    }
  ](name='Role')
  }(name='Roles', description='The information of RAM roles.'),
  users?: {
    user?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the policy was attached to the RAM user.', example='2015-01-23T12:33:18Z'),
      displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='Zhang*'),
      userId?: string(name='UserId', description='The unique ID of the RAM user.', example='122748924538****'),
      userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
    }
  ](name='User')
  }(name='Users', description='The list of the RAM users to which the policy is attached.'),
}

model ListEntitiesForPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListEntitiesForPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the entities to which a policy is attached.
 *
 * @param request ListEntitiesForPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListEntitiesForPolicyResponse
 */
async function listEntitiesForPolicyWithOptions(request: ListEntitiesForPolicyRequest, runtime: Util.RuntimeOptions): ListEntitiesForPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListEntitiesForPolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the entities to which a policy is attached.
 *
 * @param request ListEntitiesForPolicyRequest
 * @return ListEntitiesForPolicyResponse
 */
async function listEntitiesForPolicy(request: ListEntitiesForPolicyRequest): ListEntitiesForPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return listEntitiesForPolicyWithOptions(request, runtime);
}

model ListGroupsRequest {
  marker?: string(name='Marker', description='The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` is `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
}

model ListGroupsResponseBody = {
  groups?: {
    group?: [ 
    {
      comments?: string(name='Comments', description='The description of the RAM user group.', example='Dev-Team'),
      createDate?: string(name='CreateDate', description='The time when the RAM user group was created.', example='2015-01-23T12:33:18Z'),
      groupId?: string(name='GroupId', description='The ID of the RAM user group.', example='g-FpMEHiMysofp****'),
      groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
      updateDate?: string(name='UpdateDate', description='The time when the information of the RAM user group was updated.', example='2015-01-23T12:33:18Z'),
    }
  ](name='Group')
  }(name='Groups', description='The list of the RAM user groups.'),
  isTruncated?: boolean(name='IsTruncated', description='Indicates whether the response is truncated.', example='true'),
  marker?: string(name='Marker', description='The marker. This parameter is returned only if the value of `IsTruncated` is `true`. If `true` is returned, you can call this operation again and set the `Marker` parameter to obtain the truncated part.', example='EXAMPLE'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='065527AA-2F2E-AD7C-7484-F2626CFE4934'),
}

model ListGroupsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListGroupsResponseBody(name='body'),
}

/**
 * @summary Queries RAM user groups.
 *
 * @param request ListGroupsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListGroupsResponse
 */
async function listGroupsWithOptions(request: ListGroupsRequest, runtime: Util.RuntimeOptions): ListGroupsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.marker)) {
    query['Marker'] = request.marker;
  }
  if (!Util.isUnset(request.maxItems)) {
    query['MaxItems'] = request.maxItems;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListGroups',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries RAM user groups.
 *
 * @param request ListGroupsRequest
 * @return ListGroupsResponse
 */
async function listGroups(request: ListGroupsRequest): ListGroupsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listGroupsWithOptions(request, runtime);
}

model ListGroupsForUserRequest {
  userName?: string(name='UserName', description='The username of the RAM user.', example='Alice'),
}

model ListGroupsForUserResponseBody = {
  groups?: {
    group?: [ 
    {
      comments?: string(name='Comments', description='The description of the RAM user group.', example='Dev-Team'),
      groupId?: string(name='GroupId', description='The ID of the RAM user group.', example='g-zYtroLrgbZR1****'),
      groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
      joinDate?: string(name='JoinDate', description='The time when the RAM user joined the RAM user group.', example='2015-01-23T12:33:18Z'),
    }
  ](name='Group')
  }(name='Groups', description='The list of the RAM user groups.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='DA772B52-BF9F-54CA-AC77-AA7A2DA89D46'),
}

model ListGroupsForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListGroupsForUserResponseBody(name='body'),
}

/**
 * @summary Queries the Resource Access Management (RAM) user groups to which a RAM user belongs.
 *
 * @description This topic provides an example on how to query the RAM user groups to which the RAM user `Alice` belongs. The response shows that `Alice` belongs to the RAM user group named `Dev-Team`.
 *
 * @param request ListGroupsForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListGroupsForUserResponse
 */
async function listGroupsForUserWithOptions(request: ListGroupsForUserRequest, runtime: Util.RuntimeOptions): ListGroupsForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListGroupsForUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the Resource Access Management (RAM) user groups to which a RAM user belongs.
 *
 * @description This topic provides an example on how to query the RAM user groups to which the RAM user `Alice` belongs. The response shows that `Alice` belongs to the RAM user group named `Dev-Team`.
 *
 * @param request ListGroupsForUserRequest
 * @return ListGroupsForUserResponse
 */
async function listGroupsForUser(request: ListGroupsForUserRequest): ListGroupsForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listGroupsForUserWithOptions(request, runtime);
}

model ListPoliciesRequest {
  marker?: string(name='Marker', description='The `Marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
  policyType?: string(name='PolicyType', description='The type of the `Policy`. Valid values: `System` and `Custom`. If you do not specify the parameter, all policies are returned.', example='System'),
  tag?: [ 
    {
      key?: string(name='Key'),
      value?: string(name='Value'),
    }
  ](name='Tag'),
}

model ListPoliciesShrinkRequest {
  marker?: string(name='Marker', description='The `Marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
  policyType?: string(name='PolicyType', description='The type of the `Policy`. Valid values: `System` and `Custom`. If you do not specify the parameter, all policies are returned.', example='System'),
  tagShrink?: string(name='Tag'),
}

model ListPoliciesResponseBody = {
  isTruncated?: boolean(name='IsTruncated', description='Indicates whether the response is truncated.', example='true'),
  marker?: string(name='Marker', description='The marker. This parameter is returned only if the value of `IsTruncated` is `true`. If the value of IsTruncated is `true`, you can call this operation again and set `Marker` to obtain the truncated part.', example='EXAMPLE'),
  policies?: {
    policy?: [ 
    {
      attachmentCount?: int32(name='AttachmentCount', description='The number of references to the policy.', example='3'),
      createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2015-01-23T12:33:18Z'),
      defaultVersion?: string(name='DefaultVersion', description='The default version of the policy.', example='v1'),
      description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
      policyType?: string(name='PolicyType', description='The type of the policy.', example='System'),
      tags?: {
        tag?: [ 
        {
          tagKey?: string(name='TagKey'),
          tagValue?: string(name='TagValue'),
        }
      ](name='Tag')
      }(name='Tags'),
      updateDate?: string(name='UpdateDate', description='The time when the policy was modified.', example='2015-01-23T12:33:18Z'),
    }
  ](name='Policy')
  }(name='Policies', description='The list of policies.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPoliciesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesResponseBody(name='body'),
}

/**
 * @summary Queries a list of policies.
 *
 * @param tmpReq ListPoliciesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesResponse
 */
async function listPoliciesWithOptions(tmpReq: ListPoliciesRequest, runtime: Util.RuntimeOptions): ListPoliciesResponse {
  Util.validateModel(tmpReq);
  var request = new ListPoliciesShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.tag)) {
    request.tagShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.tag, 'Tag', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.marker)) {
    query['Marker'] = request.marker;
  }
  if (!Util.isUnset(request.maxItems)) {
    query['MaxItems'] = request.maxItems;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.tagShrink)) {
    query['Tag'] = request.tagShrink;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicies',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries a list of policies.
 *
 * @param request ListPoliciesRequest
 * @return ListPoliciesResponse
 */
async function listPolicies(request: ListPoliciesRequest): ListPoliciesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesWithOptions(request, runtime);
}

model ListPoliciesForGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='dev'),
}

model ListPoliciesForGroupResponseBody = {
  policies?: {
    policy?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the policy was attached to the RAM user group.', example='2015-01-23T12:33:18Z'),
      defaultVersion?: string(name='DefaultVersion', description='The default version of the policy.', example='v1'),
      description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
      policyType?: string(name='PolicyType', description='The type of the policy.', example='Custom'),
    }
  ](name='Policy')
  }(name='Policies', description='The list of the policies that are attached to the RAM user group.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPoliciesForGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesForGroupResponseBody(name='body'),
}

/**
 * @summary Queries the policies that are attached to a RAM user group.
 *
 * @param request ListPoliciesForGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesForGroupResponse
 */
async function listPoliciesForGroupWithOptions(request: ListPoliciesForGroupRequest, runtime: Util.RuntimeOptions): ListPoliciesForGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPoliciesForGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the policies that are attached to a RAM user group.
 *
 * @param request ListPoliciesForGroupRequest
 * @return ListPoliciesForGroupResponse
 */
async function listPoliciesForGroup(request: ListPoliciesForGroupRequest): ListPoliciesForGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesForGroupWithOptions(request, runtime);
}

model ListPoliciesForRoleRequest {
  roleName?: string(name='RoleName', description='The name of the RAM role.', example='AdminRole'),
}

model ListPoliciesForRoleResponseBody = {
  policies?: {
    policy?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the policy was attached to the RAM role.', example='2015-01-23T12:33:18Z'),
      defaultVersion?: string(name='DefaultVersion', description='The default version of the policy.', example='v1'),
      description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
      policyType?: string(name='PolicyType', description='The type of the policy.', example='Custom'),
    }
  ](name='Policy')
  }(name='Policies', description='The list of the policies that are attached to the RAM role.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPoliciesForRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesForRoleResponseBody(name='body'),
}

/**
 * @summary Queries the policies that are attached to a RAM role.
 *
 * @param request ListPoliciesForRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesForRoleResponse
 */
async function listPoliciesForRoleWithOptions(request: ListPoliciesForRoleRequest, runtime: Util.RuntimeOptions): ListPoliciesForRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPoliciesForRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the policies that are attached to a RAM role.
 *
 * @param request ListPoliciesForRoleRequest
 * @return ListPoliciesForRoleResponse
 */
async function listPoliciesForRole(request: ListPoliciesForRoleRequest): ListPoliciesForRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesForRoleWithOptions(request, runtime);
}

model ListPoliciesForUserRequest {
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model ListPoliciesForUserResponseBody = {
  policies?: {
    policy?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time at which the policy is attached to the RAM user. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      defaultVersion?: string(name='DefaultVersion', description='The current version.', example='v1'),
      description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
      policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   System: system policy
*   Custom: custom policy', example='Custom'),
    }
  ](name='Policy')
  }(name='Policies', description='The information about the policy.'),
  requestId?: string(name='RequestId', description='The request ID.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPoliciesForUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesForUserResponseBody(name='body'),
}

/**
 * @summary Queries the policies that are attached to a RAM user.
 *
 * @description > You can call this operation to query only the policies that are attached to Alibaba Cloud accounts. You cannot query the policies that are attached to resource groups.
 *
 * @param request ListPoliciesForUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesForUserResponse
 */
async function listPoliciesForUserWithOptions(request: ListPoliciesForUserRequest, runtime: Util.RuntimeOptions): ListPoliciesForUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPoliciesForUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the policies that are attached to a RAM user.
 *
 * @description > You can call this operation to query only the policies that are attached to Alibaba Cloud accounts. You cannot query the policies that are attached to resource groups.
 *
 * @param request ListPoliciesForUserRequest
 * @return ListPoliciesForUserResponse
 */
async function listPoliciesForUser(request: ListPoliciesForUserRequest): ListPoliciesForUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesForUserWithOptions(request, runtime);
}

model ListPolicyVersionsRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values: `System` and `Custom`.', example='Custom'),
}

model ListPolicyVersionsResponseBody = {
  policyVersions?: {
    policyVersion?: [ 
    {
      createDate?: string(name='CreateDate', description='The time when the version was created.', example='2015-02-26T01:25:52Z'),
      isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the version is the default version.', example='false'),
      policyDocument?: string(name='PolicyDocument', description='The script of the policy.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
      versionId?: string(name='VersionId', description='The ID of the version.', example='v3'),
    }
  ](name='PolicyVersion')
  }(name='PolicyVersions', description='The list of the policy versions.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPolicyVersionsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPolicyVersionsResponseBody(name='body'),
}

/**
 * @summary Queries the versions of a policy.
 *
 * @param request ListPolicyVersionsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPolicyVersionsResponse
 */
async function listPolicyVersionsWithOptions(request: ListPolicyVersionsRequest, runtime: Util.RuntimeOptions): ListPolicyVersionsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicyVersions',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the versions of a policy.
 *
 * @param request ListPolicyVersionsRequest
 * @return ListPolicyVersionsResponse
 */
async function listPolicyVersions(request: ListPolicyVersionsRequest): ListPolicyVersionsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPolicyVersionsWithOptions(request, runtime);
}

model ListRolesRequest {
  marker?: string(name='Marker', description='The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
  tag?: [ 
    {
      key?: string(name='Key'),
      value?: string(name='Value'),
    }
  ](name='Tag'),
}

model ListRolesShrinkRequest {
  marker?: string(name='Marker', description='The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
  tagShrink?: string(name='Tag'),
}

model ListRolesResponseBody = {
  isTruncated?: boolean(name='IsTruncated', description='Indicates whether the response is truncated.', example='true'),
  marker?: string(name='Marker', description='The marker. This parameter is returned only if the value of `IsTruncated` is `true`. If the value is `true`, you can call this operation again and set the `Marker` parameter to obtain the truncated part.', example='EXAMPLE'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  roles?: {
    role?: [ 
    {
      arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
      createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
      description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
      maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
      roleId?: string(name='RoleId', description='The ID of the RAM role.', example='901234567890****'),
      roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
      tags?: {
        tag?: [ 
        {
          tagKey?: string(name='TagKey'),
          tagValue?: string(name='TagValue'),
        }
      ](name='Tag')
      }(name='Tags'),
      updateDate?: string(name='UpdateDate', description='The time when the RAM role was modified.', example='2015-01-23T12:33:18Z'),
    }
  ](name='Role')
  }(name='Roles', description='The information of RAM roles.'),
}

model ListRolesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListRolesResponseBody(name='body'),
}

/**
 * @summary Queries the list of all RAM roles.
 *
 * @param tmpReq ListRolesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListRolesResponse
 */
async function listRolesWithOptions(tmpReq: ListRolesRequest, runtime: Util.RuntimeOptions): ListRolesResponse {
  Util.validateModel(tmpReq);
  var request = new ListRolesShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.tag)) {
    request.tagShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.tag, 'Tag', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.marker)) {
    query['Marker'] = request.marker;
  }
  if (!Util.isUnset(request.maxItems)) {
    query['MaxItems'] = request.maxItems;
  }
  if (!Util.isUnset(request.tagShrink)) {
    query['Tag'] = request.tagShrink;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListRoles',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the list of all RAM roles.
 *
 * @param request ListRolesRequest
 * @return ListRolesResponse
 */
async function listRoles(request: ListRolesRequest): ListRolesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listRolesWithOptions(request, runtime);
}

model ListUsersRequest {
  marker?: string(name='Marker', description='The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries per page. If a response is truncated because it reaches the value of MaxItems, the value of `IsTruncatedg` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
}

model ListUsersResponseBody = {
  isTruncated?: boolean(name='IsTruncated', description='Indicates whether the response is truncated.', example='true'),
  marker?: string(name='Marker', description='The marker. This parameter is returned only if the value of `IsTruncated` is `true`. If the parameter is returned, you can call this operation again and set `Marker` to obtain the truncated part.``', example='EXAMPLE'),
  requestId?: string(name='RequestId', description='The request ID.', example='4B450CA1-36E8-4AA2-8461-86B42BF4CC4E'),
  users?: {
    user?: [ 
    {
      comments?: string(name='Comments', description='The description.', example='Cloud computing engineer'),
      createDate?: string(name='CreateDate', description='The time when the RAM user was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='Zhangq****'),
      email?: string(name='Email', description='The email address of the RAM user.

> This parameter is unavailable.', example='zhangq****@example.com'),
      mobilePhone?: string(name='MobilePhone', description='The mobile phone number of the RAM user.

> This parameter is unavailable.', example='86-1860000****'),
      updateDate?: string(name='UpdateDate', description='The point in time when the information about the RAM user was last modified. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      userId?: string(name='UserId', description='The ID of the RAM user.', example='122748924538****'),
      userName?: string(name='UserName', description='The logon name of the RAM user.', example='zhangq****'),
    }
  ](name='User')
  }(name='Users', description='The RAM users.'),
}

model ListUsersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListUsersResponseBody(name='body'),
}

/**
 * @summary Queries the information about all RAM users.
 *
 * @param request ListUsersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListUsersResponse
 */
async function listUsersWithOptions(request: ListUsersRequest, runtime: Util.RuntimeOptions): ListUsersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.marker)) {
    query['Marker'] = request.marker;
  }
  if (!Util.isUnset(request.maxItems)) {
    query['MaxItems'] = request.maxItems;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListUsers',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about all RAM users.
 *
 * @param request ListUsersRequest
 * @return ListUsersResponse
 */
async function listUsers(request: ListUsersRequest): ListUsersResponse {
  var runtime = new Util.RuntimeOptions{};
  return listUsersWithOptions(request, runtime);
}

model ListUsersForGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
  marker?: string(name='Marker', description='The `marker`. If part of a previous response is truncated, you can use this parameter to obtain the truncated part.', example='EXAMPLE'),
  maxItems?: int32(name='MaxItems', description='The number of entries to return. If a response is truncated because it reaches the value of `MaxItems`, the value of `IsTruncated` will be `true`.

Valid values: 1 to 1000. Default value: 100.', example='100'),
}

model ListUsersForGroupResponseBody = {
  isTruncated?: boolean(name='IsTruncated', description='Indicates whether the response is truncated.', example='true'),
  marker?: string(name='Marker', description='The marker. This parameter is returned only if the value of `IsTruncated` is `true`. If the value of IsTruncated is `true`, you can call this operation again and set `marker` to obtain the truncated part.', example='EXAMPLE'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='4B450CA1-36E8-4AA2-8461-86B42BF4CC4E'),
  users?: {
    user?: [ 
    {
      displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='Alice'),
      joinDate?: string(name='JoinDate', description='The time when the RAM user joined the RAM user group.', example='2015-01-23T12:33:18Z'),
      userName?: string(name='UserName', description='The name of the RAM user.', example='zhangqiang'),
    }
  ](name='User')
  }(name='Users', description='The list of the RAM users.'),
}

model ListUsersForGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListUsersForGroupResponseBody(name='body'),
}

/**
 * @param request ListUsersForGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListUsersForGroupResponse
 */
async function listUsersForGroupWithOptions(request: ListUsersForGroupRequest, runtime: Util.RuntimeOptions): ListUsersForGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.marker)) {
    query['Marker'] = request.marker;
  }
  if (!Util.isUnset(request.maxItems)) {
    query['MaxItems'] = request.maxItems;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListUsersForGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request ListUsersForGroupRequest
 * @return ListUsersForGroupResponse
 */
async function listUsersForGroup(request: ListUsersForGroupRequest): ListUsersForGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return listUsersForGroupWithOptions(request, runtime);
}

model ListVirtualMFADevicesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  virtualMFADevices?: {
    virtualMFADevice?: [ 
    {
      activateDate?: string(name='ActivateDate', description='The time when the MFA device was enabled.', example='2015-02-18T17:22:08Z'),
      serialNumber?: string(name='SerialNumber', description='The serial number of the MFA device.', example='acs:ram::123456789012****:mfa/device002'),
      user?: {
        displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='zhangq****'),
        userId?: string(name='UserId', description='The unique ID of the RAM user.', example='122748924538****'),
        userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
      }(name='User', description='The basic information of the RAM user to which the MFA device is attached.'),
    }
  ](name='VirtualMFADevice')
  }(name='VirtualMFADevices', description='The list of MFA devices.'),
}

model ListVirtualMFADevicesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListVirtualMFADevicesResponseBody(name='body'),
}

/**
 * @summary Queries the list of all multi-factor authentication (MFA) devices.
 *
 * @param request ListVirtualMFADevicesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListVirtualMFADevicesResponse
 */
async function listVirtualMFADevicesWithOptions(runtime: Util.RuntimeOptions): ListVirtualMFADevicesResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'ListVirtualMFADevices',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the list of all multi-factor authentication (MFA) devices.
 *
 * @return ListVirtualMFADevicesResponse
 */
async function listVirtualMFADevices(): ListVirtualMFADevicesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listVirtualMFADevicesWithOptions(runtime);
}

model RemoveUserFromGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model RemoveUserFromGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='A07EF215-B9B3-8CB2-2899-3F9575C6E320'),
}

model RemoveUserFromGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RemoveUserFromGroupResponseBody(name='body'),
}

/**
 * @param request RemoveUserFromGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RemoveUserFromGroupResponse
 */
async function removeUserFromGroupWithOptions(request: RemoveUserFromGroupRequest, runtime: Util.RuntimeOptions): RemoveUserFromGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RemoveUserFromGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request RemoveUserFromGroupRequest
 * @return RemoveUserFromGroupResponse
 */
async function removeUserFromGroup(request: RemoveUserFromGroupRequest): RemoveUserFromGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return removeUserFromGroupWithOptions(request, runtime);
}

model SetAccountAliasRequest {
  accountAlias?: string(name='AccountAlias', description='The alias of the Alibaba Cloud account.

The alias must be 3 to 32 characters in length, and can contain lowercase letters, digits, and hyphens (-).

> It cannot start or end with a hyphen (-), and cannot contain consecutive hyphens (-).', example='myalias'),
}

model SetAccountAliasResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model SetAccountAliasResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetAccountAliasResponseBody(name='body'),
}

/**
 * @summary You can call this operation to specify an alias for an Alibaba Cloud account.
 *
 * @param request SetAccountAliasRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetAccountAliasResponse
 */
async function setAccountAliasWithOptions(request: SetAccountAliasRequest, runtime: Util.RuntimeOptions): SetAccountAliasResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountAlias)) {
    query['AccountAlias'] = request.accountAlias;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetAccountAlias',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary You can call this operation to specify an alias for an Alibaba Cloud account.
 *
 * @param request SetAccountAliasRequest
 * @return SetAccountAliasResponse
 */
async function setAccountAlias(request: SetAccountAliasRequest): SetAccountAliasResponse {
  var runtime = new Util.RuntimeOptions{};
  return setAccountAliasWithOptions(request, runtime);
}

model SetDefaultPolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
  versionId?: string(name='VersionId', description='The ID of the policy version that you want to set as the default version.', example='v2'),
}

model SetDefaultPolicyVersionResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model SetDefaultPolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetDefaultPolicyVersionResponseBody(name='body'),
}

/**
 * @summary Sets the default version of a policy.
 *
 * @param request SetDefaultPolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetDefaultPolicyVersionResponse
 */
async function setDefaultPolicyVersionWithOptions(request: SetDefaultPolicyVersionRequest, runtime: Util.RuntimeOptions): SetDefaultPolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetDefaultPolicyVersion',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Sets the default version of a policy.
 *
 * @param request SetDefaultPolicyVersionRequest
 * @return SetDefaultPolicyVersionResponse
 */
async function setDefaultPolicyVersion(request: SetDefaultPolicyVersionRequest): SetDefaultPolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return setDefaultPolicyVersionWithOptions(request, runtime);
}

model SetPasswordPolicyRequest {
  hardExpiry?: boolean(name='HardExpiry', description='Specifies whether a password will expire.

Valid values: `true` and `false`. Default value: `false`. If you leave this parameter unspecified, the default value false is used.

*   If you set this parameter to `true`, the Alibaba Cloud account to which the RAM users belong must reset the passwords before the RAM users can log on to the Alibaba Cloud Management Console.
*   If you set this parameter to `false`, the RAM users can change the passwords after the passwords expire and then log on to the Alibaba Cloud Management Console.', example='false'),
  maxLoginAttemps?: int32(name='MaxLoginAttemps', description='The maximum number of permitted logon attempts within one hour. The number of logon attempts is reset to zero if a RAM user changes the password.', example='5'),
  maxPasswordAge?: int32(name='MaxPasswordAge', description='The number of days for which a password is valid. Default value: 0. The default value indicates that the password never expires.', example='0'),
  minimumPasswordLength?: int32(name='MinimumPasswordLength', description='The minimum required number of characters in a password.

Valid values: 8 to 32. Default value: 8.', example='12'),
  passwordReusePrevention?: int32(name='PasswordReusePrevention', description='The number of previous passwords that a RAM user is prevented from reusing. Default value: 0. The default value indicates that the RAM user can reuse previous passwords.', example='0'),
  requireLowercaseCharacters?: boolean(name='RequireLowercaseCharacters', description='Specifies whether a password must contain one or more lowercase letters.', example='true'),
  requireNumbers?: boolean(name='RequireNumbers', description='Specifies whether a password must contain one or more digits.', example='true'),
  requireSymbols?: boolean(name='RequireSymbols', description='Specifies whether a password must contain one or more special characters.', example='true'),
  requireUppercaseCharacters?: boolean(name='RequireUppercaseCharacters', description='Specifies whether a password must contain one or more uppercase letters.', example='true'),
}

model SetPasswordPolicyResponseBody = {
  passwordPolicy?: {
    hardExpiry?: boolean(name='HardExpiry', description='Indicates whether a password expires.

Valid values: `true` and `false`. Default value: `false`. If the parameter is unspecified, the default value false is returned.

*   If this parameter is set to `true`, the Alibaba Cloud account to which the RAM users belong must reset the password before the RAM users can log on to the Alibaba Cloud Management Console.
*   If this parameter is set to `false`, the RAM users can change the passwords after the passwords expire and then log on to the Alibaba Cloud Management Console.', example='false'),
    maxLoginAttemps?: int32(name='MaxLoginAttemps', description='The maximum number of permitted logon attempts within one hour. The number of logon attempts is reset to zero if a RAM user changes the password.', example='5'),
    maxPasswordAge?: int32(name='MaxPasswordAge', description='The number of days for which a password is valid. Default value: 0. The default value indicates that the password never expires.', example='0'),
    minimumPasswordLength?: int32(name='MinimumPasswordLength', description='The minimum required number of characters in a password.', example='12'),
    passwordReusePrevention?: int32(name='PasswordReusePrevention', description='The number of previous passwords that a RAM user is prevented from reusing. Default value: 0. The default value indicates that the RAM user can reuse previous passwords.', example='0'),
    requireLowercaseCharacters?: boolean(name='RequireLowercaseCharacters', description='Indicates whether a password must contain one or more lowercase letters.', example='true'),
    requireNumbers?: boolean(name='RequireNumbers', description='Indicates whether a password must contain one or more digits.', example='true'),
    requireSymbols?: boolean(name='RequireSymbols', description='Indicates whether a password must contain one or more special characters.', example='true'),
    requireUppercaseCharacters?: boolean(name='RequireUppercaseCharacters', description='Indicates whether a password must contain one or more uppercase letters.', example='true'),
  }(name='PasswordPolicy', description='The password policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model SetPasswordPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetPasswordPolicyResponseBody(name='body'),
}

/**
 * @param request SetPasswordPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetPasswordPolicyResponse
 */
async function setPasswordPolicyWithOptions(request: SetPasswordPolicyRequest, runtime: Util.RuntimeOptions): SetPasswordPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.hardExpiry)) {
    query['HardExpiry'] = request.hardExpiry;
  }
  if (!Util.isUnset(request.maxLoginAttemps)) {
    query['MaxLoginAttemps'] = request.maxLoginAttemps;
  }
  if (!Util.isUnset(request.maxPasswordAge)) {
    query['MaxPasswordAge'] = request.maxPasswordAge;
  }
  if (!Util.isUnset(request.minimumPasswordLength)) {
    query['MinimumPasswordLength'] = request.minimumPasswordLength;
  }
  if (!Util.isUnset(request.passwordReusePrevention)) {
    query['PasswordReusePrevention'] = request.passwordReusePrevention;
  }
  if (!Util.isUnset(request.requireLowercaseCharacters)) {
    query['RequireLowercaseCharacters'] = request.requireLowercaseCharacters;
  }
  if (!Util.isUnset(request.requireNumbers)) {
    query['RequireNumbers'] = request.requireNumbers;
  }
  if (!Util.isUnset(request.requireSymbols)) {
    query['RequireSymbols'] = request.requireSymbols;
  }
  if (!Util.isUnset(request.requireUppercaseCharacters)) {
    query['RequireUppercaseCharacters'] = request.requireUppercaseCharacters;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetPasswordPolicy',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request SetPasswordPolicyRequest
 * @return SetPasswordPolicyResponse
 */
async function setPasswordPolicy(request: SetPasswordPolicyRequest): SetPasswordPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return setPasswordPolicyWithOptions(request, runtime);
}

model SetSecurityPreferenceRequest {
  allowUserToChangePassword?: boolean(name='AllowUserToChangePassword', description='Specifies whether RAM users can change their passwords. Valid values:

*   true: RAM users can change their passwords. This is the default value.
*   false: RAM users cannot change their passwords.', example='true'),
  allowUserToManageAccessKeys?: boolean(name='AllowUserToManageAccessKeys', description='Specifies whether RAM users can manage their AccessKey pairs. Valid values:

*   true: RAM users can manage their AccessKey pairs.
*   false: RAM users cannot manage their AccessKey pairs. This is the default value.', example='false'),
  allowUserToManageMFADevices?: boolean(name='AllowUserToManageMFADevices', description='Specifies whether RAM users can manage their MFA devices. Valid values:

*   true: RAM users can manage their MFA devices. This is the default value.
*   false: RAM users cannot manage their MFA devices.', example='true'),
  allowUserToManagePublicKeys?: boolean(name='AllowUserToManagePublicKeys', description='Specifies whether RAM users can manage their public keys. Valid values:

*   true: RAM users can manage their public keys.
*   false: RAM users cannot manage their public keys. This is the default value.

>  This parameter is valid only for the Japan site.', example='false'),
  enableSaveMFATicket?: boolean(name='EnableSaveMFATicket', description='Specifies whether to remember the multi-factor authentication (MFA) devices of Resource Access Management (RAM) users for seven days. Valid values:

*   true: remembers the MFA devices of RAM users for seven days.
*   false: does not remember the MFA devices of RAM users for seven days.', example='true'),
  loginNetworkMasks?: string(name='LoginNetworkMasks', description='The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.

*   If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
*   If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.

If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.

You can specify up to 40 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.', example='10.0.0.0/8'),
  loginSessionDuration?: int32(name='LoginSessionDuration', description='The validity period of the logon session of RAM users.

Valid values: 1 to 24. Default value: 6. Unit: hours.', example='6'),
}

model SetSecurityPreferenceResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='A978915D-F279-4CA0-A89B-9A71219FFB3E'),
  securityPreference?: {
    accessKeyPreference?: {
      allowUserToManageAccessKeys?: boolean(name='AllowUserToManageAccessKeys', description='Indicates whether RAM users can manage their AccessKey pairs.', example='false'),
    }(name='AccessKeyPreference', description='The AccessKey pair preference.'),
    loginProfilePreference?: {
      allowUserToChangePassword?: boolean(name='AllowUserToChangePassword', description='Indicates whether RAM users can change their passwords.', example='true'),
      enableSaveMFATicket?: boolean(name='EnableSaveMFATicket', description='Indicates whether the MFA devices of RAM users are remembered.', example='false'),
      loginNetworkMasks?: string(name='LoginNetworkMasks', description='The subnet mask.', example='10.0.0.0/8'),
      loginSessionDuration?: int32(name='LoginSessionDuration', description='The validity period of the logon session of RAM users.', example='6'),
    }(name='LoginProfilePreference', description='The logon preference.'),
    MFAPreference?: {
      allowUserToManageMFADevices?: boolean(name='AllowUserToManageMFADevices', description='Indicates whether RAM users can manage their MFA devices.', example='false'),
    }(name='MFAPreference', description='The MFA preference.'),
    publicKeyPreference?: {
      allowUserToManagePublicKeys?: boolean(name='AllowUserToManagePublicKeys', description='Indicates whether RAM users can manage their public keys.', example='false'),
    }(name='PublicKeyPreference', description='The public key preference.

>  This parameter is valid only for the Japan site.'),
  }(name='SecurityPreference', description='The security preferences.'),
}

model SetSecurityPreferenceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetSecurityPreferenceResponseBody(name='body'),
}

/**
 * @summary Configures the security preferences.
 *
 * @param request SetSecurityPreferenceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetSecurityPreferenceResponse
 */
async function setSecurityPreferenceWithOptions(request: SetSecurityPreferenceRequest, runtime: Util.RuntimeOptions): SetSecurityPreferenceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.allowUserToChangePassword)) {
    query['AllowUserToChangePassword'] = request.allowUserToChangePassword;
  }
  if (!Util.isUnset(request.allowUserToManageAccessKeys)) {
    query['AllowUserToManageAccessKeys'] = request.allowUserToManageAccessKeys;
  }
  if (!Util.isUnset(request.allowUserToManageMFADevices)) {
    query['AllowUserToManageMFADevices'] = request.allowUserToManageMFADevices;
  }
  if (!Util.isUnset(request.allowUserToManagePublicKeys)) {
    query['AllowUserToManagePublicKeys'] = request.allowUserToManagePublicKeys;
  }
  if (!Util.isUnset(request.enableSaveMFATicket)) {
    query['EnableSaveMFATicket'] = request.enableSaveMFATicket;
  }
  if (!Util.isUnset(request.loginNetworkMasks)) {
    query['LoginNetworkMasks'] = request.loginNetworkMasks;
  }
  if (!Util.isUnset(request.loginSessionDuration)) {
    query['LoginSessionDuration'] = request.loginSessionDuration;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetSecurityPreference',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Configures the security preferences.
 *
 * @param request SetSecurityPreferenceRequest
 * @return SetSecurityPreferenceResponse
 */
async function setSecurityPreference(request: SetSecurityPreferenceRequest): SetSecurityPreferenceResponse {
  var runtime = new Util.RuntimeOptions{};
  return setSecurityPreferenceWithOptions(request, runtime);
}

model UnbindMFADeviceRequest {
  userName?: string(name='UserName'),
}

model UnbindMFADeviceResponseBody = {
  MFADevice?: {
    serialNumber?: string(name='SerialNumber'),
  }(name='MFADevice'),
  requestId?: string(name='RequestId'),
}

model UnbindMFADeviceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UnbindMFADeviceResponseBody(name='body'),
}

/**
 * @summary Detaches a multi-factor authentication (MFA) device from a RAM user.
 *
 * @param request UnbindMFADeviceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UnbindMFADeviceResponse
 */
async function unbindMFADeviceWithOptions(request: UnbindMFADeviceRequest, runtime: Util.RuntimeOptions): UnbindMFADeviceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UnbindMFADevice',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Detaches a multi-factor authentication (MFA) device from a RAM user.
 *
 * @param request UnbindMFADeviceRequest
 * @return UnbindMFADeviceResponse
 */
async function unbindMFADevice(request: UnbindMFADeviceRequest): UnbindMFADeviceResponse {
  var runtime = new Util.RuntimeOptions{};
  return unbindMFADeviceWithOptions(request, runtime);
}

model UpdateAccessKeyRequest {
  status?: string(name='Status', description='The status of the AccessKey pair. Valid values: `Active` and `Inactive`.', example='Inactive'),
  userAccessKeyId?: string(name='UserAccessKeyId', description='The AccessKey ID in the AccessKey pair whose status you want to change.', example='0wNEpMMlzy7s****'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model UpdateAccessKeyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model UpdateAccessKeyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateAccessKeyResponseBody(name='body'),
}

/**
 * @param request UpdateAccessKeyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateAccessKeyResponse
 */
async function updateAccessKeyWithOptions(request: UpdateAccessKeyRequest, runtime: Util.RuntimeOptions): UpdateAccessKeyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.status)) {
    query['Status'] = request.status;
  }
  if (!Util.isUnset(request.userAccessKeyId)) {
    query['UserAccessKeyId'] = request.userAccessKeyId;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateAccessKey',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request UpdateAccessKeyRequest
 * @return UpdateAccessKeyResponse
 */
async function updateAccessKey(request: UpdateAccessKeyRequest): UpdateAccessKeyResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateAccessKeyWithOptions(request, runtime);
}

model UpdateGroupRequest {
  groupName?: string(name='GroupName', description='The name of the RAM user group.', example='Dev-Team'),
  newComments?: string(name='NewComments', description='The new description of the RAM user group.

The comments must be 1 to 128 characters in length.', example='NewDev-Team'),
  newGroupName?: string(name='NewGroupName', description='The new name of the RAM user group.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='NewDev-Team'),
}

model UpdateGroupResponseBody = {
  group?: {
    comments?: string(name='Comments', description='The description of the RAM user group.', example='NewDev-Team'),
    createDate?: string(name='CreateDate', description='The time when the RAM user group was created.', example='2015-01-23T12:33:18Z'),
    groupId?: string(name='GroupId', description='The ID of the RAM user group.', example='g-FpMEHiMysofp****'),
    groupName?: string(name='GroupName', description='The new name of the RAM user group.', example='NewDev-Team'),
    updateDate?: string(name='UpdateDate', description='The time when the information of the RAM user group was updated.', example='2015-01-23T12:33:18Z'),
  }(name='Group', description='The information of the RAM user group.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC6647CC-0A36-EC7A-BA72-CC81BF3DE182'),
}

model UpdateGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateGroupResponseBody(name='body'),
}

/**
 * @summary Modifies a RAM user group.
 *
 * @param request UpdateGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateGroupResponse
 */
async function updateGroupWithOptions(request: UpdateGroupRequest, runtime: Util.RuntimeOptions): UpdateGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.newComments)) {
    query['NewComments'] = request.newComments;
  }
  if (!Util.isUnset(request.newGroupName)) {
    query['NewGroupName'] = request.newGroupName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateGroup',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies a RAM user group.
 *
 * @param request UpdateGroupRequest
 * @return UpdateGroupResponse
 */
async function updateGroup(request: UpdateGroupRequest): UpdateGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateGroupWithOptions(request, runtime);
}

model UpdateLoginProfileRequest {
  MFABindRequired?: boolean(name='MFABindRequired', description='Specifies whether an MFA device must be attached to the RAM user upon logon.', example='true'),
  password?: string(name='Password', description='The logon password of the RAM user. The password must meet the password strength requirements.', example='mypassword'),
  passwordResetRequired?: boolean(name='PasswordResetRequired', description='Specifies whether the RAM user must change the password upon logon.', example='true'),
  userName?: string(name='UserName', description='The name of the RAM user.', example='zhangq****'),
}

model UpdateLoginProfileResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
}

model UpdateLoginProfileResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateLoginProfileResponseBody(name='body'),
}

/**
 * @param request UpdateLoginProfileRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateLoginProfileResponse
 */
async function updateLoginProfileWithOptions(request: UpdateLoginProfileRequest, runtime: Util.RuntimeOptions): UpdateLoginProfileResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.MFABindRequired)) {
    query['MFABindRequired'] = request.MFABindRequired;
  }
  if (!Util.isUnset(request.password)) {
    query['Password'] = request.password;
  }
  if (!Util.isUnset(request.passwordResetRequired)) {
    query['PasswordResetRequired'] = request.passwordResetRequired;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateLoginProfile',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @param request UpdateLoginProfileRequest
 * @return UpdateLoginProfileResponse
 */
async function updateLoginProfile(request: UpdateLoginProfileRequest): UpdateLoginProfileResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateLoginProfileWithOptions(request, runtime);
}

model UpdatePolicyDescriptionRequest {
  newDescription?: string(name='NewDescription', description='The description of the policy.

The value of the parameter must be 1 to 1,024 characters in length.', example='This is a test policy.'),
  policyName?: string(name='PolicyName', description='The name of the policy.', example='TestPolicy'),
}

model UpdatePolicyDescriptionResponseBody = {
  policy?: {
    createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2022-02-28T07:04:15Z'),
    defaultVersion?: string(name='DefaultVersion', description='The version of the policy. Default value: v1.', example='v1'),
    description?: string(name='Description', description='The description of the policy.', example='This is a test policy.'),
    policyName?: string(name='PolicyName', description='The name of the policy.', example='TestPolicy'),
    policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the policy was modified.', example='2022-02-28T07:05:37Z'),
  }(name='Policy', description='The information about the policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7572DEBD-0ECE-518E-8682-D8CB82F8FE8E'),
}

model UpdatePolicyDescriptionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdatePolicyDescriptionResponseBody(name='body'),
}

/**
 * @summary Modifies the description of a custom policy.
 *
 * @description You can call this operation to modify only the description of a custom policy. You cannot modify the description of a system policy.
 *
 * @param request UpdatePolicyDescriptionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdatePolicyDescriptionResponse
 */
async function updatePolicyDescriptionWithOptions(request: UpdatePolicyDescriptionRequest, runtime: Util.RuntimeOptions): UpdatePolicyDescriptionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newDescription)) {
    query['NewDescription'] = request.newDescription;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdatePolicyDescription',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the description of a custom policy.
 *
 * @description You can call this operation to modify only the description of a custom policy. You cannot modify the description of a system policy.
 *
 * @param request UpdatePolicyDescriptionRequest
 * @return UpdatePolicyDescriptionResponse
 */
async function updatePolicyDescription(request: UpdatePolicyDescriptionRequest): UpdatePolicyDescriptionResponse {
  var runtime = new Util.RuntimeOptions{};
  return updatePolicyDescriptionWithOptions(request, runtime);
}

model UpdateRoleRequest {
  newAssumeRolePolicyDocument?: string(name='NewAssumeRolePolicyDocument', description='The policy that specifies the trusted entity to assume the RAM role.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::12345678901234****:root" } } ], "Version": "1" }'),
  newDescription?: string(name='NewDescription', description='The new description of the RAM role.

The value must be 1 to 1,024 characters in length.', example='ECS administrator'),
  newMaxSessionDuration?: long(name='NewMaxSessionDuration', description='The maximum session duration of the RAM role.

Valid values: 3600 to 43200. Unit: seconds.Default value: 3600.

If you do not specify this parameter, the default value is used.', example='3600'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.),and hyphens (-).', example='ECSAdmin'),
}

model UpdateRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The policy that specifies the trusted entity to assume the RAM role.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::123456789012****:root" } } ], "Version": "1" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='901234567890****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    updateDate?: string(name='UpdateDate', description='The time when the description of the RAM role was changed.', example='2015-01-23T12:33:18Z'),
  }(name='Role', description='The information of the RAM role.'),
}

model UpdateRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateRoleResponseBody(name='body'),
}

/**
 * @summary Changes the description of a RAM role.
 *
 * @description This topic provides an example to show how to change the description of ECSAdmin to ECS administrator.
 *
 * @param request UpdateRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateRoleResponse
 */
async function updateRoleWithOptions(request: UpdateRoleRequest, runtime: Util.RuntimeOptions): UpdateRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newAssumeRolePolicyDocument)) {
    query['NewAssumeRolePolicyDocument'] = request.newAssumeRolePolicyDocument;
  }
  if (!Util.isUnset(request.newDescription)) {
    query['NewDescription'] = request.newDescription;
  }
  if (!Util.isUnset(request.newMaxSessionDuration)) {
    query['NewMaxSessionDuration'] = request.newMaxSessionDuration;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateRole',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Changes the description of a RAM role.
 *
 * @description This topic provides an example to show how to change the description of ECSAdmin to ECS administrator.
 *
 * @param request UpdateRoleRequest
 * @return UpdateRoleResponse
 */
async function updateRole(request: UpdateRoleRequest): UpdateRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateRoleWithOptions(request, runtime);
}

model UpdateUserRequest {
  newComments?: string(name='NewComments', description='The new description of the RAM user.

The description must be 1 to 128 characters in length.', example='This is a cloud computing engineer.'),
  newDisplayName?: string(name='NewDisplayName', description='The new display name of the RAM user.

The name must be 1 to 128 characters in length.', example='xiaoq****'),
  newEmail?: string(name='NewEmail', description='The new email address of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='xiaoq****@example.com'),
  newMobilePhone?: string(name='NewMobilePhone', description='The new mobile phone number of the RAM user.

Format: \\\\<Country code>-\\\\<Mobile phone number>.

>  This parameter can be returned only on the China site (aliyun.com).', example='86-1860000****'),
  newUserName?: string(name='NewUserName', description='The new username of the RAM user.

The username must be 1 to 64 characters in length, and can contain letters, digits, periods (.), hyphens (-), and underscores (_).', example='xiaoq****'),
  userName?: string(name='UserName', description='The username of the RAM user.', example='zhangq****'),
}

model UpdateUserResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  user?: {
    comments?: string(name='Comments', description='The description of the RAM user.', example='This is a cloud computing engineer.'),
    createDate?: string(name='CreateDate', description='The point in time when the RAM user was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    displayName?: string(name='DisplayName', description='The display name of the RAM user.', example='xiaoq****'),
    email?: string(name='Email', description='The email address of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='xiaoq****@example.com'),
    mobilePhone?: string(name='MobilePhone', description='The mobile phone number of the RAM user.

>  This parameter can be returned only on the China site (aliyun.com).', example='86-1860000****'),
    updateDate?: string(name='UpdateDate', description='The point in time when the information about the RAM user was last modified. The time is displayed in UTC.', example='2015-02-11T03:15:21Z'),
    userId?: string(name='UserId', description='The ID of the RAM user.', example='122748924538****'),
    userName?: string(name='UserName', description='The username of the RAM user.', example='xiaoq****'),
  }(name='User', description='The information about the RAM user.'),
}

model UpdateUserResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateUserResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to change the name of a RAM user from `zhangq****` to `xiaoq****`.
 *
 * @param request UpdateUserRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateUserResponse
 */
async function updateUserWithOptions(request: UpdateUserRequest, runtime: Util.RuntimeOptions): UpdateUserResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newComments)) {
    query['NewComments'] = request.newComments;
  }
  if (!Util.isUnset(request.newDisplayName)) {
    query['NewDisplayName'] = request.newDisplayName;
  }
  if (!Util.isUnset(request.newEmail)) {
    query['NewEmail'] = request.newEmail;
  }
  if (!Util.isUnset(request.newMobilePhone)) {
    query['NewMobilePhone'] = request.newMobilePhone;
  }
  if (!Util.isUnset(request.newUserName)) {
    query['NewUserName'] = request.newUserName;
  }
  if (!Util.isUnset(request.userName)) {
    query['UserName'] = request.userName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateUser',
    version = '2015-05-01',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @description This topic provides an example on how to change the name of a RAM user from `zhangq****` to `xiaoq****`.
 *
 * @param request UpdateUserRequest
 * @return UpdateUserResponse
 */
async function updateUser(request: UpdateUserRequest): UpdateUserResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateUserWithOptions(request, runtime);
}

